Insyde's Security Pledge
Insyde Security Advisory 2023034
Insyde ID | Advisory Category | Impact of Vulnerability | Severity Rating | Original Date | Last Revised |
INSYDE-SA-2023034 | Software | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N | 6.1 | 06/13/2023 | 06/13/2023 |
Summary:
Insyde Setup EFI Variable Lock Bypass Vulnerability
Vulnerability Details
An architectural flaw in how the InsydeH2O UEFI code handles configuring UEFI NVRAM variables. It is possible, from a EFI Shell, to edit memory in a fashion which allows a user the ability to arbitrarily modify the Setup NVRAM Variable, which in turns allows an attacker to enable manufacturer features. This is the security boundary which is bypassed in this vulnerability report.
Intel Mobile Platforms:
RPL: Version 05.45.11.0033
ADL-N: Version 05.44.45.0016
ADL: Version 05.44.34.0055
RKL: Version 05.42.52.0028
TGL: Version 05.43.12.0057
JSL: Version Tag 05.43.01.0026
Intel Server/Embedded Platforms
Jacobsville(SNR): Version 05.37.13.0055
ElkhartLake: Version 05.45.07.0020
Alder Lake N: Version 05.45.07.0003
Acknowledgements
Insyde Software would like to thank Nicholas Starke from HPE for reporting the vulnerability and engaging in the coordinated disclosure.
Revision History:
Revision | Date | Description |
1.0 | 06/13/2023 | Initial Release |
-- | -- | -- |