Security News > 2022 > November > New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection

New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection
2022-11-29 16:39

Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines.

Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as an issue that "May allow changes to Secure Boot settings by creating NVRAM variables." Credited with discovering the flaw is ESET researcher Martin Smolár, who previously disclosed similar bugs in Lenovo computers.

Disabling Secure Boot, an integrity mechanism that guarantees that only trusted software is loaded during system startup, enables a malicious actor to tamper with boot loaders, leading to severe consequences.

This includes granting the attacker complete control over the operating system loading process as well as "Disable or bypass protections to silently deploy their own payloads with the system privileges."

Per the Slovak cybersecurity company, the flaw resides in a DXE driver called HQSwSmiDxe.

The BIOS update is expected to be released as part of a critical Windows update.


News URL

http://thehackernews.com/2022/11/new-flaw-in-acer-laptops-could-let.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-11-28 CVE-2022-4020 Incorrect Default Permissions vulnerability in Acer products
Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable.
local
low complexity
acer CWE-276
8.2
8.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Acer 34 0 5 4 10 19