Stack Overflow Vulnerability in Aspire E5-475G BIOS Firmware: Exploiting FpGui Module for Arbitrary Code Execution and Privilege Escalation

Stack Overflow Vulnerability in Aspire E5-475G BIOS Firmware: Exploiting FpGui Module for Arbitrary Code Execution and Privilege Escalation

CVE-2022-40080 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges.

Learn more about our Cis Benchmark Audit For Apple Ios.