Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Vulnerability in Acer Laptops Allows Attackers to Disable Secure Boot

A vulnerability impacting multiple Acer laptop models could allow an attacker to disable the Secure Boot feature and bypass security protections to install malware.

A vulnerability impacting multiple Acer laptop models could allow an attacker to disable the Secure Boot feature and bypass security protections to install malware.

Tracked as CVE-2022-4020 (CVSS score of 8.1), the vulnerability was identified in the HQSwSmiDxe DXE driver, which checks for the existence of the ‘BootOrderSecureBootDisable’ NVRAM variable to disable Secure Boot.

“Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable,” a National Vulnerability Database advisory explains.

Acer explains that the vulnerability may allow an attacker to tamper with Secure Boot settings simply by creating NVRAM variables. Because the affected firmware driver only checks for the existence of the variables, their actual value is not important.

“By disabling the Secure Boot feature, an attacker can load their own unsigned malicious bootloader to allow absolute control over the OS loading process. This can allow them to disable or bypass protections to silently deploy their own payloads with the system privileges,” Acer notes.

Impacted device models, the computer maker says, include Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

“Acer is working on a BIOS update to resolve this issue that will be posted on the Acer Support site. Acer recommends updating your BIOS to the latest version to resolve this issue. This update will be included as a critical Windows update,” the company notes.

ESET security researcher Martin Smolar was credited for discovering and reporting the vulnerability.

Advertisement. Scroll to continue reading.

According to ESET, this issue is like CVE-2022-3431, a vulnerability in the DXE driver BootOrderDxe of some Lenovo laptops which, just as the HQSwSmiDxe DXE driver, checks for the existences of a BootOrderSecureBootDisable variable and disables Secure Boot if it exists.

ESET warned of this Lenovo bug in early November, urging users to update the BIOS on impacted devices as soon as possible.

Now, the cybersecurity company is raising the alarm on this Acer vulnerability, urging users to keep an eye out for the patches.

“In addition to Lenovo vulnerabilities we disclosed earlier this month, we discovered another similar vulnerability in Acer laptops. Same as in Lenovo case, it allows deactivating UEFI Secure Boot by creating NVRAM variable directly from OS,” ESET notes.

Related: Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

Related: HP Patches UEFI Vulnerabilities Affecting Over 200 Computers

Related: High-Severity UEFI Vulnerabilities Patched in Dell Enterprise Laptops

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.