Intel WheaERST SMM Module Privilege Escalation Vulnerability
Vulnerability
A time-of-check time-of-use race condition has been identified in the WheaERST SMM module for certain Intel reference platforms. This vulnerability may allow a system software adversary with privileged user access to escalate privileges. The issue arises from a race condition that could be exploited through local access, without the need for special internal knowledge or user interaction. The vulnerability has high implications for confidentiality, integrity, and availability on the affected system.
Impact
Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights or access within the system.
Remediation
Users are advised to update to the latest version provided by their system manufacturer that addresses this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.