Intel UEFI Firmware Privilege Escalation Vulnerability
Vulnerability
A vulnerability allowing improper input validation has been identified in the UEFI firmware SMM module for some Intel reference platforms. This vulnerability may lead to unauthorized privilege escalation. A system software adversary with a privileged user can execute local code, potentially impacting the system's confidentiality, integrity, and availability. The vulnerability requires local access, no special internal knowledge, and no user interaction.
Impact
Exploitation of this vulnerability could allow a privileged user to execute arbitrary code locally, with potential high impacts on the system's confidentiality, integrity, and availability.
Remediation
Intel recommends that users of affected Intel processors update to the latest version provided by the system manufacturer that addresses these issues.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.