CVE-2022-2154 Information

Description

An attacker with physical access can exploit this vulnerability to execute arbitrary code during DXE phase. A malicious code installed as a result of vulnerability exploitation in DXE driver could survive across an operating system (OS) boot process and runtime This issue affects: Module name: AMITSE SHA256: 288769fcb374d9280735e259c579e2dc209491f4da43b085d6aabc2d6e6ee57d Module GUID: b1da0adf-4f77-4070-a88e-bffe1c60529a This issue affects: AMI Aptio 5.x.

Reference

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00712.html https://www.binarly.io/advisories/BRLY-2022-015 https://www.ami.com/security-center/