Intel System Management Mode Local Privilege Escalation (INTEL-SA-00018)
Medium Nessus Plugin ID 40458
SynopsisThe remote host is vulnerable to a local privilege escalation attack.
DescriptionThe version of the Intel BIOS on the remote host is vulnerable to an unspecified privilege escalation attack. Software running in ring 0 could potentially change code running in System Management Mode (SMM).
SMM is a privileged operating system that runs independently from the system's operating system. A local attacker could exploit this to run malicious code that may be undetectable from the operating system.
SolutionUpgrade to the relevant BIOS firmware referenced in the vendor's advisory.