30. EDK II Authenticated Variable Bypass
Logic error in MdeModulePkg in EDK II firmware may allow authenticated user to potentially bypass configuration access controls and escalate privileges via local access.
Elevation of Privilege
Medium 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
This address the following issue in Tianocore Bugzilla:
https://bugzilla.tianocore.org/show_bug.cgi?id=415
This issue was discovered by Intel.
CVE-2018-3613