Logic error in MdeModulePkg in EDK II firmware may allow authenticated user to potentially bypass configuration access controls and escalate privileges via local access.
Elevation of Privilege
Medium 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
This address the following issue in Tianocore Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=415
Patch to update firmware is: https://bugzilla.tianocore.org/attachment.cgi?id=44
This issue was discovered by Intel.