Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools inc