House › Endpoint Safety

Vulnerability in Acer Laptops Permits Attackers to Disable Safe Boot

By Ionut Arghire on November 29, 2022

Tweet

A vulnerability impacting a number of Acer laptop computer fashions might enable an attacker to disable the Safe Boot characteristic and bypass safety protections to put in malware.

Tracked as CVE-2022-4020 (CVSS rating of 8.1), the vulnerability was recognized within the HQSwSmiDxe DXE driver, which checks for the existence of the ‘BootOrderSecureBootDisable’ NVRAM variable to disable Safe Boot.

“Vulnerability within the HQSwSmiDxe DXE driver on some shopper Acer Pocket book gadgets might enable an attacker with elevated privileges to change UEFI Safe Boot settings by modifying an NVRAM variable,” a Nationwide Vulnerability Database advisory explains.

Acer explains that the vulnerability might enable an attacker to tamper with Safe Boot settings just by creating NVRAM variables. As a result of the affected firmware driver solely checks for the existence of the variables, their precise worth just isn’t essential.

“By disabling the Safe Boot characteristic, an attacker can load their very own unsigned malicious bootloader to permit absolute management over the OS loading course of. This may enable them to disable or bypass protections to silently deploy their very own payloads with the system privileges,” Acer notes.

Impacted system fashions, the pc maker says, embody Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

“Acer is engaged on a BIOS replace to resolve this concern that can be posted on the Acer Help website. Acer recommends updating your BIOS to the most recent model to resolve this concern. This replace can be included as a essential Home windows replace,” the corporate notes.

ESET safety researcher Martin Smolar was credited for locating and reporting the vulnerability.

In response to ESET, this concern is like CVE-2022-3431, a vulnerability within the DXE driver BootOrderDxe of some Lenovo laptops which, simply because the HQSwSmiDxe DXE driver, checks for the existences of a BootOrderSecureBootDisable variable and disables Safe Boot if it exists.

ESET warned of this Lenovo bug in early November, urging customers to replace the BIOS on impacted gadgets as quickly as doable.

Now, the cybersecurity firm is elevating the alarm on this Acer vulnerability, urging customers to maintain an eye fixed out for the patches.

“Along with Lenovo vulnerabilities we disclosed earlier this month, we found one other related vulnerability in Acer laptops. Similar as in Lenovo case, it permits deactivating UEFI Safe Boot by creating NVRAM variable instantly from OS,” ESET notes.

Associated: Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

Associated: HP Patches UEFI Vulnerabilities Affecting Over 200 Computer systems

Associated: Excessive-Severity UEFI Vulnerabilities Patched in Dell Enterprise Laptops

Get the Day by day Briefing

• Most Current
• Most Learn

• Ransomware Gang Takes Credit score for Maple Leaf Meals Hack
• Vulnerability in Acer Laptops Permits Attackers to Disable Safe Boot
• Cybercriminals Promoting Entry to Networks Compromised by way of Current Fortinet Vulnerability
• Oracle Fusion Middleware Vulnerability Exploited within the Wild
• Census Bureau Chief Defends New Privateness Device In opposition to Critics
• Virginia County Confirms Private Info Stolen in Ransomware Assault
• Mission Zero Flags ‘Patch Hole’ Issues on Android
• Irish Regulator Fines Meta 265 Million Euros Over Information Breach
• Hack-for-Rent Group Targets Android Customers With Malicious VPN Apps
• Crackdown on African Cybercrime Results in Arrests, Infrastructure Takedown

Searching for Malware in All of the Unsuitable Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Laptop Says About You

Be in a Place to Act By way of Cyber Situational Consciousness

Report Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice Yr To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

Learn how to Establish Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Enticing

Learn how to Defend In opposition to DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

Orbit Brain

https://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.