Zero-day vulnerability in UEFI firmware

Embedded malicious code (backdoor)

Vulnerability details

Advisory: SB2023060107 - Backdoor in Gigabyte UEFI firmware

Vulnerable component: UEFI firmware

CVE-ID:

CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-506 - Embedded Malicious Code

Description:

The vulnerability allows a remote attacker to gain unauthorized access to the system.

The vulnerability exists due to the presence of embedded malicious functionality (aka backdoor) in the UEFI firmware that was downloaded from the official website using Gigabyte's App Center. This allows a remote attacker to gain full control over the system.

Note: the vulnerability is being actively exploited in the wild.