CVE-2014-8274: Multiple products that implement UEFI systems security bypass

2015-01-05T00:00:00
ID CVE-2014-8274
Type cve
Reporter NVD
Modified 2015-01-05T00:00:00

Description

Multiple products that implement UEFI systems could allow a local authenticated attacker to bypass security restrictions, caused by the failure to properly restrict access to the boot script used by the EFI S3 Resume Boot Path. An attacker could exploit this vulnerability to bypass various firmware write protections.