Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-3052 PoC — Insyde InsydeH2O 安全漏洞

Source
https://github.com/yonatanasd232132/talkingBen
Associated Vulnerability
Title:Insyde InsydeH2O 安全漏洞 (CVE-2025-3052)
Description:Insyde InsydeH2O是中国系微(Insyde)公司的一个新的 EFI/UEFI 规范。旨在取代传统的 BIOS(基本输入/输出系统)。 Insyde InsydeH2O存在安全漏洞。攻击者利用该漏洞可以绕过某些功能。以下产品和版本受到影响:Windows Server 2025,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Win
Description
planned to be a root kit that is ingrained inside of the UEFI bootloader, but first does priviliage escalation and will be constantly update with probably a c2 server and anti EDR and AV's prevention measures for it to be real world applicable malware (looking for CVE-2025-3052)
File Snapshot

 [4.0K]  /data/pocs/2d7cb4b9761a35de4f273df859400496a4b971a0
├── [3.5K]  findsBOOTER.cpp
├── [7.2K]  hooker.cpp
├── [ 583]  MyHooks.inf
├── [ 191]  MyHooksPkg.dec
└── [1.3K]  MyHooksPkg.dsc

1 directory, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.