The PE32/PE32+/TE image formats contain an EFI_IMAGE_DATA_DIRECTORY[] array that can contain an EFI_IMAGE_DIRECTORY_ENTRY_SECURITY element. This element in the array, and the content it describes, are not included in the signature verification. The content describes one or more WIN_CERTIFICATEs that are used in signature verification. For obvious reasons the content itself cannot be part of the signature check (else by calculating it, it would change the signature itself). However, the DataDirectory entry itself could be part of the signature check. It is currently not the case. Because it's not, it gives an attacker a lot of leeway to take an existing validly signed .efi, make the room for the EFI_IMAGE_DIRECTORY_ENTRY_SECURITY content larger, and start adding content to it, while still leaving the WIN_CERTIFICATE intact enough to pass signature verification. This would allow an attacker to get arbitrary content inside of the EFI_IMAGE_DIRECTORY_ENTRY_SECURITY content mapped into memory, presumably with RWX or RX page protections. Hence having shellcode ready to go, in case an exploit is found somewhere (bypassing exploit mitigations). Reference: https://bugzilla.tianocore.org/show_bug.cgi?id=2213
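As an added example (not code from the bug report, from EDK II or from any project it mentions), the following Python checker shows the structure the report is talking about from a defender's side: it locates the EFI_IMAGE_DIRECTORY_ENTRY_SECURITY entry, lists the byte ranges the Authenticode PE hash skips, and walks the WIN_CERTIFICATE table counting bytes that no certificate's DER payload accounts for. The PE32+ image it parses is constructed inline (headers only, no sections, a fake certificate blob) and is not a real signed binary; the function names, the `ALIGN_SLACK` tolerance and the `trailing_filler` fixture parameter are assumptions of this example.

```python
"""Added example: PE security-directory slack checker for the weakness
described in the bug. The sample image is constructed inline (fake
certificate blob, no real signature); it is not an EDK II artifact."""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # index into the DataDirectory array
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
ALIGN_SLACK = 7                              # signers pad the PKCS#7 blob to 8 bytes


def _header_offsets(data):
    """Return (CheckSum field offset, security DataDirectory entry offset)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                  # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        dd = opt + 96                        # DataDirectory start, PE32
    elif magic == PE32PLUS_MAGIC:
        dd = opt + 112                       # DataDirectory start, PE32+
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    return opt + 64, dd + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY


def security_directory(data):
    """(file offset, size) of the certificate table; (0, 0) when unsigned.
    Unlike other directories, this VirtualAddress is a raw file offset."""
    _, entry = _header_offsets(data)
    return struct.unpack_from("<II", data, entry)


def unhashed_ranges(data):
    """Regions the Authenticode PE hashing procedure skips: the CheckSum field,
    the security DataDirectory entry, and the certificate table. None of these
    bytes is protected by the image signature, which is the report's point."""
    checksum, entry = _header_offsets(data)
    off, size = struct.unpack_from("<II", data, entry)
    ranges = [(checksum, checksum + 4), (entry, entry + 8)]
    if size:
        ranges.append((off, off + size))
    return ranges


def _der_total_length(blob):
    """Bytes occupied by the outer DER SEQUENCE (tag, length field, content);
    0 when the blob does not even start like PKCS#7 SignedData."""
    if len(blob) < 2 or blob[0] != 0x30:
        return 0
    first = blob[1]
    if first < 0x80:
        return 2 + first
    n = first & 0x7F
    return 2 + n + int.from_bytes(blob[2:2 + n], "big")


def certificate_table_slack(data):
    """Walk the WIN_CERTIFICATE entries. Returns (entries, slack): slack is the
    number of table bytes no certificate's DER payload explains (padding inside
    an entry, a non-DER payload, or bytes after the last well-formed entry)."""
    off, size = security_directory(data)
    end, pos, entries, slack = off + size, off, [], 0
    while pos + 8 <= end:
        dw_length, revision, cert_type = struct.unpack_from("<IHH", data, pos)
        if dw_length < 8 or pos + dw_length > end:
            break                            # not a WIN_CERTIFICATE; the rest is unexplained
        payload = data[pos + 8:pos + dw_length]
        der_len = min(_der_total_length(payload), len(payload))
        entries.append((revision, cert_type, dw_length, der_len))
        slack += len(payload) - der_len
        pos += (dw_length + 7) & ~7          # entries are 8-byte aligned
    if pos < end:
        slack += end - pos
    return entries, slack


def has_unexplained_bytes(data):
    """True when the table carries more slack than 8-byte alignment explains."""
    entries, slack = certificate_table_slack(data)
    return slack > ALIGN_SLACK * max(len(entries), 1)


def build_sample_image(cert_blob, trailing_filler=0):
    """Constructed PE32+ stub: DOS header, PE header with 16 data directories,
    no sections, one WIN_CERTIFICATE holding cert_blob. trailing_filler bytes
    are appended to the table and covered only by the directory Size field."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 112 + 16 * 8, 0x22)
    opt = bytearray(112 + 16 * 8)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    struct.pack_into("<I", opt, 108, 16)                   # NumberOfRvaAndSizes
    table_off = len(dos) + 4 + len(coff) + len(opt)        # 0x148, 8-byte aligned
    padded = cert_blob + b"\0" * (-len(cert_blob) % 8)
    cert = struct.pack("<IHH", 8 + len(padded), 0x0200, 0x0002) + padded
    table = cert + b"\xCC" * trailing_filler                # constructed filler
    struct.pack_into("<II", opt, 112 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     table_off, len(table))
    return dos + b"PE\0\0" + coff + bytes(opt) + table
```

Run against a real image, `unhashed_ranges` shows the three regions a signature check never sees, and `certificate_table_slack` gives a number that a firmware image scanner or a pre-boot policy can compare against the few bytes of alignment padding that legitimate signing tools leave behind; anything larger is the unexplained room the report describes.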
Closing this bug as WONTFIX because this is not going to be considered as a vulnerability, given that to exploit this you need another existing vulnerability. This is more of a second security layer/hardening feature.