Acer has fixed a high-severity vulnerability affecting many notebooks

Acer has fixed a high-risk vulnerability in several notebook models that allows local attackers to disable the UEFI Secure Boot (UEFI Secure Boot) function on the target system.

On devices equipped with a Trusted Platform Module (TPM) chip and Unified Extensible Firmware Interface (UEFI) firmware, the secure boot feature can prevent untrusted operating systems from starting programs and prevent rootkits from loading during startup and bootkits and other malicious code.

The issue, first reported by ESET malware researcher Martin Smolar, is tracked as CVE-2022-4020 in the HQSwSmiDxe DXE driver on some consumer models of Acer laptops.

Acer said, 
researchers have discovered a vulnerability that could allow changing Secure Boot settings by creating an NVRAM variable (the actual value of the variable is not important, only the affected firmware driver will check for its existence).
After exploiting the vulnerability on an affected Acer laptop and turning off Secure Boot, threat actors can hijack the loading process of the operating system and load an unsigned bootloader to bypass or disable protections and deploy a malicious and effective load.

The full list of affected Acer laptop models includes the Acer Aspire A315-22, A115-21, A315-22G, Extensa EX215-21, and EX215-21G.

Post a Comment