UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks

Motherboards from several major vendors are affected by a vulnerability that can allow a threat actor to conduct early-boot attacks.

According to an advisory published on Wednesday by Carnegie Mellon University’s CERT/CC, an attacker can exploit the vulnerability to access data in memory or influence the initial state of the system.

The security hole could allow an attacker to obtain sensitive data and conduct pre-boot code injection.

While the issue may sound critical as it undermines the integrity of the boot process and allows attacks to be conducted prior to the operating system’s defenses being loaded, exploitation requires physical access to the targeted device.

Specifically, a local attacker needs to be able to connect a malicious PCI Express (PCIe) device to a computer with a vulnerable motherboard.

ASRock, Asus, Gigabyte, and MSI have confirmed that some of their motherboards are affected. Each vendor has released its own ...