Intel UEFI EFI S3 Resume Boot Path Script Privilege Escalation (INTEL-SA-00041)
Medium Nessus Plugin ID 80458
SynopsisThe remote host is vulnerable to a local privilege escalation attack.
DescriptionThe version of the Intel UEFI BIOS on the remote host is affected by a privilege escalation vulnerability due to an error, related to handling the EFI S3 Resume Boot Path boot script, that allows bypassing firmware write protections. An attacker can exploit this to perform a reflash of the firmware, read or write to SMRAM memory, or render the system inoperable.
SolutionUpgrade the system BIOS on the remote host.