Advertisement
Top
image credit: Pexels

Vulnerability in Acer Laptops Allows Attackers to Disable Secure Boot

November 29, 2022

Via: Security Week
Category:

Tracked as CVE-2022-4020 (CVSS score of 8.1), the vulnerability was identified in the HQSwSmiDxe DXE driver, which checks for the existence of the ‘BootOrderSecureBootDisable’ NVRAM variable to disable Secure Boot.

“Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable,” a National Vulnerability Database advisory explains.

Read More on Security Week

RELATED PUBLICATIONS

Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606
Massive security hole in VPNs shows their shortcomings as a defensive measure
Google fixed critical Chrome vulnerability CVE-2024-4058

Latest Publications

Improving cyber defense with open source SIEM and XDR
FBI takes down BreachForums ransomware website and Telegram channel
NHS Digital hints at exploit sightings of Arcserve UDP vulnerabilities
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!