"Two Dozen UEFI Vulnerabilities Impact Millions of Devices From Major Vendors"

Researchers at Binarly identified 23 high-severity vulnerabilities in UEFI firmware code used by the world's largest device makers. These vulnerabilities could impact millions of laptops, servers, routers, network appliances, Industrial Control Systems (ICS), edge computing devices, and other enterprise devices. More than 25 vendors are affected, including HP, Lenovo, Fujitsu, Microsoft, Intel, Dell, Bull (Atos), and Siemens. The vulnerabilities were discovered in InsydeH2O UEFI firmware provided by Insyde Software, and the problem stems from the reference code associated with the InsydeH2O firmware framework. Researchers explained that all of the affected vendors use the Insyde-based firmware SDK to develop their own firmware. The security holes mainly relate to System Management Mode (SMM), and their exploitation can result in the execution of arbitrary code with elevated privileges. An attacker who has privileged user access to the targeted system can use the vulnerabilities to install highly persistent malware. Additionally, the attacker can circumvent endpoint security solutions, Secure Boot, and virtualization-based security. This article continues to discuss the cause and potential impact of the UEFI vulnerabilities identified by Binarly researchers.

SecurityWeek reports "Two Dozen UEFI Vulnerabilities Impact Millions of Devices From Major Vendors"

Submitted by Anonymous on