UEFI Secure Boot Settings Modification Vulnerability in Acer Notebook Devices

UEFI Secure Boot Settings Modification Vulnerability in Acer Notebook Devices

CVE-2022-4020 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable.

Learn more about our Web Application Penetration Testing UK.