What can hackers do if abusing the Lenovo UEFI Firmware vulnerabilities successfully is that they may be able to disable SPI flash safeguards or Secure Boot, effectively allowing them to install persistent malware that can continue to live despite a system reboot. With the last two having an impact on firmware drivers initially designed for the sole use “during the production process of Lenovo consumer notebooks.” More Details on the Lenovo UEFI Firmware VulnerabilitiesĪccording to ESET researcher Martin Smolár’s report, the following CVEs were assigned to these flaws: By successfully exploiting these flaws, threat actors can deploy and execute firmware implants on the impacted devices. Researchers have recently identified three Lenovo UEFI firmware vulnerabilities of high impact located in various Lenovo laptop models that consumers use.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |