Intel UEFI Reference Platforms Privilege Escalation and Denial-of-Service Vulnerability

A vulnerability in some Intel UEFI reference platforms within Ring 0: Kernel may lead to a denial of service and unauthorized privilege escalation. This issue arises from active debug code and can be exploited by a system software adversary with privileged user access. The vulnerability allows data alteration and could potentially be exploited through local access, without special internal knowledge, and requires no user interaction. It impacts the integrity and availability of the affected system, with similar consequences for the system's overall performance.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation and a denial-of-service condition on the affected system.

Remediation

Users are advised to update to the latest version of Intel UEFI reference code provided by their system manufacturer that addresses this vulnerability.