Insyde Security Advisory 2022037

Insyde ID Advisory Category Impact of Vulnerability Severity Rating Original Date Last Revised
INSYDE-SA-2022037 Software CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N 8.2 09/30/2022 09/30/2022

Summary:

Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass

Vulnerability Details

VU#309662
New Horizon Datasys Inc (CVE-2022-34302)
UEFI Shell execution to bypass Secure Boot
CryptoPro Secure Disk (CVE-2022-34301)
Eurosoft (UK) Ltd (CVE-2022-34303)

A security feature bypass vulnerability exists in signed 3rd party UEFI bootloaders that allows bypass of the UEFI Secure Boot feature. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure Boot feature and execute unsigned code during the boot process.

These boot loaders are blocked from execution in InsydeH2O, versions:
kernel 5.0, unknown (End of Support)
kernel 5.1, unknown (End of Support)
kernel 5.2, version 05.27.34
kernel 5.3, version 05.36.34
kernel 5.4, version 05.44.34
kernel 5.5, version 05.52.34

Acknowledgements

This issue was reported to Microsoft by Eclypsium.

Revision History:

Revision Date Description
1.0 09/30/2022 Initial Release
- - -

Return to Insyde's Security Pledge