CVE-2022-4020EPSS p14.8%

CVE-2022-4020CVE-2022-4020

acer / aspire_a315-22g_firmware

Description

Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable.

Scoring

CVSS 8.1 ()
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H
EPSS0.24% probability of exploitation · percentile 14.8% · 2026-06-19T12:03:05Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.