Binarly researchers have discovered critical vulnerabilities in software used by 25 major computer vendors.

Binarly has identified 23 flaws in the InsydeH2O UEFI firmware used by Intel, AMD, Lenovo, Dell, ASUS, HP, Siemens, Microsoft, Fujitsu, Acer, and more.

At the same time, the researchers rated the danger of some vulnerabilities at 9.8 points out of 10.

Most of them are in System Management Mode (SMM), which provides power and hardware management.

SMM privileges exceed the rights of the OS kernel, so any security problems can have serious consequences for the system.

In particular, a local or remote attacker with administrator rights using SMM flaws can create backdoors, disable hardware features, install hard-to-remove software, and perform other actions.

Previously, she talked about how the Russians are being monitored through e-mail.

bbabo.Net