Vulnerability identifier: #VU82610
Vulnerability risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-121
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Mehlow
Mobile applications /
Mobile firmware & hardware
Mehlow-R(CFL-S)
Mobile applications /
Mobile firmware & hardware
Tatlow (RKS)
Mobile applications /
Mobile firmware & hardware
Raptor Lake
Mobile applications /
Mobile firmware & hardware
Alder Lake N
Mobile applications /
Mobile firmware & hardware
Alder Lake
Mobile applications /
Mobile firmware & hardware
Phoenix FP7_FP8 / Hawk Point 5.5
Mobile applications /
Mobile firmware & hardware
Dragon Range
Mobile applications /
Mobile firmware & hardware
Mendocino
Mobile applications /
Mobile firmware & hardware
Raphael
Mobile applications /
Mobile firmware & hardware
Rembrandt
Mobile applications /
Mobile firmware & hardware
VanGogh
Mobile applications /
Mobile firmware & hardware
Barcelo
Mobile applications /
Mobile firmware & hardware
Cezanne
Mobile applications /
Mobile firmware & hardware
Lucienne
Mobile applications /
Mobile firmware & hardware
Vendor: Insyde Software
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in AsfSecureBootDxe. A local user can trigger a stack-based buffer overflow and execute arbitrary code during DXE phase during DXE phase.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Mehlow: All versions
Mehlow-R(CFL-S): All versions
Tatlow (RKS): All versions
External links
http://www.insyde.com/security-pledge/SA-2023054
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.