UEFI firmware from Microsoft, Intel, HP, Dell etc., can be at risk from nearly 20 different vulnerabilities

That is the InsydeH2O "Hardware-2-Operating System" UEFI BIOS, a software used by a series of major vendors in the computer field such as Microsoft, Intel, HP, Dell, Lenovo, Siemens, Fujitsu, etc., can be affected by more than two dozen different vulnerabilities, with ratings ranging from common to dangerous.

According to Binarly's investigation results, there are a total of 23 vulnerabilities that mainly affect System Management Mode (SMM). Information about these vulnerabilities is listed below along with their assigned security IDs.

Since these are all firmware-level vulnerabilities, successful exploitation can lead to persistent malware on the system that is almost impossible for users to completely remove.

Binarly describes the detected vulnerabilities as follows:

The majority of disclosed vulnerabilities (CVSS score: 7.5 - 8.2, high severity rating) resulted in code execution with SMM privileges. As part of the exploit chain, these vulnerabilities can be used as a second stage in a malicious process, to bypass security features or achieve long-term survival on the target system. [.]

By exploiting these vulnerabilities, attackers can successfully install malware that exists during the root of the operating system, and allows bypassing endpoint security solutions (EDRs). /AV), Secure Boot, Virtualization-Based Security.

The Binarly team first discovered these vulnerabilities on Fujitsu's LIFEBOOK notebook computers. After extensive investigation, it was quickly realized that not only Fujitsu, but also software from a variety of other manufacturers could be affected by these vulnerabilities. Cause because all are using InsydeH2O UEFI solutions.

You've just finished reading the article "UEFI firmware from Microsoft, Intel, HP, Dell etc., can be at risk from nearly 20 different vulnerabilities" edited by the TipsMake team. You can save uefi-firmware-from-microsoft-intel-hp-dell-etc-can-be-at-risk-from-nearly-20-different-vulnerabilities.pdf to your computer here to read later or print it out. We hope this article has provided you with many useful tech tips and tricks. You can search for similar articles on tips and guides. Thank you for reading and for following us regularly.