CyberNews Briefs

Acer Firmware Flaw Lets Attackers Bypass Key Security Feature

Security researchers at ESET have identified a flaw tracked as CVE-2022-4020 impacting the Acer firmware. The flaw impacts five of the company’s laptop models and could allow an attacker to disable a device’s Secure Boot settings, leading to malware execution and disarming of security measures. The flaw was discovered on some versions of consumer Acer Aspire and Extensa notebooks, according to ESET.

An attacker with elevated privileges could exploit the flaw to modify the Secure Boot settings via an NVRAM variable, ESET stated in a series of tweets. ESET notified Acer of the flaw, and the company is currently investigating and taking the necessary actions to ensure the security of its consumers.

Read More: Acer Firmware Flaw Lets Attackers Bypass Key Security Feature

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.