Many Gigabyte motherboards are vulnerable to UEFI firmware flaws that enable malware like bootkits to remain hidden and persistent. These vulnerabilities, found in the firmware supplied by American Megatrends, could allow attackers with admin permissions to escalate privileges or install malicious code below the operating system. #GigabyteMotherboards #BootkitMalware
Keypoints
- Over 240 motherboard models from Gigabyte are affected by high-severity firmware vulnerabilities.
- The vulnerabilities originate from the AMI firmware code and may allow privilege escalation and firmware modification.
- Researchers from Binarly discovered four critical CVEs impacting the SMI handlers in Gigabyte firmware.
- Gigabyte has not yet released official security patches or bulletin, especially for end-of-life products.
- Affected users should monitor for firmware updates and use detection tools to identify vulnerabilities.