The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow.Referenceshttps://www.insyde.com/security-pledge/sa-2025010/
