Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-14575 (Candidate) is related to these bugs: