As far as I understand it, this means that your system doesn't have any secure boot keys in memory right now and awaits those keys, so the factory keys probably got deleted by accident.
In the setup mode, secure boot is just disabled and awaits these keys.
Going into Setup Mode is useful for people that want to verify and sign boot software for their own, so that secure boot only allows their signed efi's (e.g. the firmware, bootloader, OS) to load.
This is a very advanced option and is usually used just by agencies and companies with a very high security standard. Signing everything yourself, including updates, gets very tedious, so I wouldn't recommend it for the average user.
Usually one of the manufacturer's keys or Microsoft's key (PK) is on there, which only loads Microsoft/manufacturer signed efis (eg. Windows, some Linux Bootloaders, commercial Recovery Mediums, etc.). Unfortunately, some binary's Microsoft signed have been shown to be vulnerable to allow hackers to circumvent secure boot and while Microsoft does add them to the blacklist (dbx), PC's have to be updated to no longer be accepted by the UEFI. So, secure boot has it's problems if you let someone else do the verification. Putting in your own key protects you against that, but you shouldn't worry if you're not targeted directly by hackers.
So there's no immediate danger or anything, there should be "restore factory keys" or "restore secure boot keys" option which will put the original keys back in place and will enable secure boot again.
Hope that helps other people that come across a similar issue, for a very deep dive into the topic, consider reading this article: https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-secure-boot-key-creation-and-management-guidance?view=windows-11
