CVE-2018-12179

Name of the Vulnerable Software and Affected Versions EDK II (affected versions not specified)

Description The issue is related to improper configuration in system firmware for EDK II, which may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure, and/or denial of service via local access. It is also associated with insufficient access control in the open-source UEFI EDK2 development environment. Exploitation of the issue could allow an attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.