Insyde Security Advisory 2023034

Insyde ID Advisory Category Impact of Vulnerability Severity Rating Original Date Last Revised
INSYDE-SA-2023034 Software CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N 6.1 06/13/2023 06/13/2023

Summary:

Insyde Setup EFI Variable Lock Bypass Vulnerability

Vulnerability Details

CVE-2023-26090

An architectural flaw in how the InsydeH2O UEFI code handles configuring UEFI NVRAM variables. It is possible, from a EFI Shell, to edit memory in a fashion which allows a user the ability to arbitrarily modify the Setup NVRAM Variable, which in turns allows an attacker to enable manufacturer features. This is the security boundary which is bypassed in this vulnerability report.

Intel Mobile Platforms:

RPL: Version 05.45.11.0033
ADL-N: Version 05.44.45.0016
ADL: Version 05.44.34.0055
RKL: Version 05.42.52.0028
TGL: Version 05.43.12.0057
JSL: Version Tag 05.43.01.0026

Intel Server/Embedded Platforms

Jacobsville(SNR): Version 05.37.13.0055
ElkhartLake: Version 05.45.07.0020
Alder Lake N: Version 05.45.07.0003

Acknowledgements

Insyde Software would like to thank Nicholas Starke from HPE for reporting the vulnerability and engaging in the coordinated disclosure.

Revision History:

Revision Date Description
1.0 06/13/2023 Initial Release
-- -- --

Return to Insyde's Security Pledge