CVE-2025-8860 | QEMU uefi var-service-core.c uefi_vars_write information disclosure

A vulnerability classified as problematic has been found in QEMU. Affected is the function uefi_vars_write of the file hw/uefi/var-service-core.c of the component uefi. Performing manipulation results in information disclosure.

This vulnerability was named CVE-2025-8860. The attack needs to be approached within the local network. There is no available exploit.

To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More