UEFI firmware vulnerabilities affect at least 25 computer vendors
In this article from BleepingComputer, researchers have found 23 flaws in the InsydeH2O UEFI firmware. Expect firmware updates to be released. It will be critical to apply these to your systems. 3 of the flaws are rated a critical severity score of 9.8 out of 10. The 23 flaws are tracked as: CVE-2020-27339, CVE-2020-5953, CVE-2021-33625, CVE-2021-33626, CVE-2021-33627, CVE-2021-41837, CVE-2021-41838, CVE-2021-41839, CVE-2021-41840, CVE-2021-41841, CVE-2021-42059, CVE-2021-42060, CVE-2021-42113, CVE-2021-42554, CVE-2021-43323, CVE-2021-43522, CVE-2021-43615, CVE-2021-45969, CVE-2021-45970, CVE-2021-45971, CVE-2022-24030, CVE-2022-24031, CVE-2022-24069.