blankspace
Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) (by jbaines-r7)
CVE-2022-21894
baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability (by Wack0)
Our great sponsors
blankspace | CVE-2022-21894 | |
---|---|---|
1 | 5 | |
60 | 276 | |
- | - | |
0.0 | 2.4 | |
about 2 years ago | 7 months ago | |
C | C | |
BSD 3-clause "New" or "Revised" License | The Unlicense |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
blankspace
Posts with mentions or reviews of blankspace.
We have used some of these posts to build our list of alternatives
and similar projects.
CVE-2022-21894
Posts with mentions or reviews of CVE-2022-21894.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-03-08.
-
Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw
ESET described what BlackLotus does to exploit baton drop:
-
BlackLotus UEFI bootkit: Myth confirmed
CVE-2022-21894 PoC: Secure Boot Security Feature Bypass Vulnerability https://github.com/Wack0/CVE-2022-21894
-
First in-the-wild UEFI bootkit bypassing UEFI Secure Boot
The write-up I saw suggests that revoking the Windows bootloader would cause existing install and restore images to fail to boot even with Secure Boot disabled because it checks its own signature, which would be pretty amazing if true: https://github.com/Wack0/CVE-2022-21894
- Baton Drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability
What are some alternatives?
When comparing blankspace and CVE-2022-21894 you can also consider the following projects:
CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
Ventoy - A new bootable USB solution.
CVE-2020-0796 - CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost
bootkit-samples - Bootkit sample for firmware attack
AreWeAntiCheatYet - A comprehensive and crowd-sourced list of games using anti-cheats and their compatibility with GNU/Linux or Wine.