Quote:A vulnerability affecting a powerful and widely used driver from Intel can give malicious actors deep access to a device, firmware security company Eclypsium warns.
 
Eclypsium revealed in August that its researchers had identified serious vulnerabilities in more than 40 device drivers from 20 vendors, including AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek, SuperMicro and Toshiba.
 
The flaws uncovered by the company can be exploited by a piece of malware to escalate privileges to kernel mode, allowing it to gain control over both the operating system and hardware and firmware interfaces.
 
Of all the vendors notified by Eclypsium until August, only Intel and Huawei released patches and advisories, and Phoenix and Insyde provided fixes to their OEM customers.
 
Eclypsium now says Intel this week also released patches for a vulnerability in its PMx Driver (PMxDrv). The security flaw affecting the PMx driver poses a serious risk due to the fact that the driver can read and write to physical memory, to model specific registers, control registers, IDT and GDT descriptor tables, and to debug registers. The driver can also gain I/O and PCI access.
 
“This level of access can provide an attacker with near-omnipotent control over a victim device,” Eclypsium warned in a blog post published on Tuesday.