cve 2021 28216

CVE-2021-28216 is a UEFI firmware vulnerability in the EDK II (TianoCore) reference implementation. It involves insecure handling of the BootPerformanceTable pointer, which is read from an NVRAM variable during the Pre-EFI Initialization (PEI) phase. This can allow an attacker with physical or local access to manipulate the pointer, potentially leading to arbitrary code execution at boot time. A common mitigation is to disable FPDT S3 support by setting PcdFirmwarePerformanceDataTableS3Support to FALSE in the firmware configuration. The vulnerability highlights the risks of trusting pointers stored in non-volatile variables during early boot stages. Discussions on WindowsForum.com cover the technical details, affected platforms, and practical steps for system administrators and firmware developers to secure their systems against this class of attack.