In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-13T17:34:20
Updated: 2024-08-05T01:47:14.162Z
Reserved: 2019-10-23T00:00:00
Link: CVE-2019-18279
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-11-13T18:15:11.000
Modified: 2023-12-08T18:54:42.680
Link: CVE-2019-18279
Redhat
No data.