I feel like 99% of these existential vulnerabilities can only be utilized by state actors until some NSA bozo leaks it because he got demoted for stalking his ex-girlfriend.
Well, why'd you tell everyone? Now somebody is going to try to exploit it!
It's normal white-hat practice. White hat hacker ethics require you to contact the company and give them lots of chances to fix it.
But if they refuse to fix it or inform people of the vulnerability you broad-band it to the world because it's the only way to force the company's hand.
It sounds like you basically need to have root access to the computer to take advantage of this. Like if someone can use this your system is already totally pwned. But, like, if a spy or something gets access to a machine they could load this and then it'd be in the system with no way to find it or dig it out.
Hmm, so, with root access one can place arbitrary code in the firmware of the CPU, which can be accessed by the OS and run. I wonder, what if an infected computer has a root hack patched? Would it still be possible to access the code in user space? Or is this effectively neutralized until the computer is reinfected by the attacker with something that gives root access?
It's funny how often I read FUD articles in the news that basically sum up to be "hackers can spy on you if they have physical access to your computer". This is actually a big one and I hope it gets effectively patched ASAP. Especially for embedded devices.