CVE-2023-49721 - Vulnerability Details - OpenCVE

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Canonical	Lxd
Tianocore	Edk2

Configuration 1 [-]

OR	cpe:2.3:a:canonical:lxd::::::::
	cpe:2.3:a:tianocore:edk2::-::::::*

No data.

References

Link	Providers
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137
https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139
https://nvd.nist.gov/vuln/detail/CVE-2023-48733
https://www.openwall.com/lists/oss-security/2024/02/14/4

History

Tue, 26 Aug 2025 17:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tianocore Tianocore edk2
CPEs		cpe:2.3:a:tianocore:edk2::-::::::*
Vendors & Products		Tianocore Tianocore edk2

Thu, 24 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Canonical Canonical lxd
Weaknesses		CWE-276
CPEs		cpe:2.3:a:canonical:lxd::::::::
Vendors & Products		Canonical Canonical lxd
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2024-02-14T21:57:40.878Z

Updated: 2024-10-24T16:44:29.650Z

Reserved: 2023-12-05T19:36:34.701Z

Link: CVE-2023-49721

Vulnrichment

Updated: 2024-08-02T22:01:25.700Z

NVD

Status : Analyzed

Published: 2024-02-14T22:15:47.530

Modified: 2025-08-26T17:19:29.193

Link: CVE-2023-49721

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-49721", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2023-12-05T19:36:34.701Z", "datePublished": "2024-02-14T21:57:40.878Z", "dateUpdated": "2024-10-24T16:44:29.650Z"}, "containers": {"cna": {"affected": [{"packageName": "lxd", "product": "LXD", "vendor": "Canonical Ltd.", "platforms": ["Linux"], "versions": [{"status": "affected", "version": "0"}]}], "descriptions": [{"lang": "en", "value": "An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot."}], "references": [{"tags": ["issue-tracking"], "url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139"}, {"tags": ["issue-tracking"], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733"}, {"tags": ["mailing-list"], "url": "https://www.openwall.com/lists/oss-security/2024/02/14/4"}, {"tags": ["issue-tracking"], "url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137"}], "credits": [{"lang": "en", "type": "finder", "value": "Mate Kukri"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 6.7, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-02-14T21:57:40.878Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:01:25.700Z"}, "title": "CVE Program Container", "references": [{"tags": ["issue-tracking", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733"}, {"tags": ["mailing-list", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2024/02/14/4"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-276", "lang": "en", "description": "CWE-276 Incorrect Default Permissions"}]}], "affected": [{"vendor": "canonical", "product": "lxd", "cpes": ["cpe:2.3:a:canonical:lxd:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-15T16:55:58.653539Z", "id": "CVE-2023-49721", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T16:44:29.650Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2024/02/14/4", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137", "tags": ["issue-tracking", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:01:25.700Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-49721", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-02-15T16:55:58.653539Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:canonical:lxd:*:*:*:*:*:*:*:*"], "vendor": "canonical", "product": "lxd", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T16:44:18.930Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Mate Kukri"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Canonical Ltd.", "product": "LXD", "versions": [{"status": "affected", "version": "0"}], "platforms": ["Linux"], "packageName": "lxd"}], "references": [{"url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139", "tags": ["issue-tracking"]}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733", "tags": ["issue-tracking"]}, {"url": "https://www.openwall.com/lists/oss-security/2024/02/14/4", "tags": ["mailing-list"]}, {"url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137", "tags": ["issue-tracking"]}], "descriptions": [{"lang": "en", "value": "An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot."}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-02-14T21:57:40.878Z"}}}, "cveMetadata": {"cveId": "CVE-2023-49721", "state": "PUBLISHED", "dateUpdated": "2024-10-24T16:44:29.650Z", "dateReserved": "2023-12-05T19:36:34.701Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2024-02-14T21:57:40.878Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:canonical:lxd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCDFE8E4-47BD-40FE-93BB-FC5106157DDF", "versionEndExcluding": "5.21.0", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tianocore:edk2:*:-:*:*:*:*:*:*", "matchCriteriaId": "6CE995B2-F287-4E18-B840-6EC5171BBBA5", "versionEndIncluding": "2023.11-8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot."}, {"lang": "es", "value": "Un valor predeterminado inseguro para permitir UEFI Shell en EDK2 se dej\u00f3 habilitado en LXD. Esto permite que un atacante residente en el sistema operativo omita el arranque seguro."}], "id": "CVE-2023-49721", "lastModified": "2025-08-26T17:19:29.193", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2024-02-14T22:15:47.530", "references": [{"source": "security@ubuntu.com", "tags": ["Issue Tracking"], "url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137"}, {"source": "security@ubuntu.com", "tags": ["Issue Tracking"], "url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139"}, {"source": "security@ubuntu.com", "tags": ["Third Party Advisory"], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733"}, {"source": "security@ubuntu.com", "tags": ["Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2024/02/14/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48733"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2024/02/14/4"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}