Intel UEFI EFI S3 Resume Boot Path Script Privilege Escalation (INTEL-SA-00041)

medium Nessus Plugin ID 80458

Synopsis

The remote host is vulnerable to a local privilege escalation attack.

Description

The version of the Intel UEFI BIOS on the remote host is affected by a privilege escalation vulnerability due to an error, related to handling the EFI S3 Resume Boot Path boot script, that allows bypassing firmware write protections. An attacker can exploit this to perform a reflash of the firmware, read or write to SMRAM memory, or render the system inoperable.

Solution

Upgrade the system BIOS on the remote host.

See Also

http://www.nessus.org/u?d508472d

http://www.nessus.org/u?15369710

Plugin Details

Severity: Medium

ID: 80458

File Name: intel_bios_uefi_priv_escal.nasl

Version: 1.4

Type: local

Family: Misc.

Published: 1/12/2015

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.2

Temporal Score: 4.6

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: BIOS/Version, BIOS/Vendor

Exploit Ease: No known exploits are available

Patch Publication Date: 12/23/2014

Vulnerability Publication Date: 12/23/2014

Reference Information

CVE: CVE-2014-8274

BID: 71873

CERT: 976132