c12bae5e-271a-4263-9225-1141ff87563d
Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.
Accounts with the "Modify firmware environment values" user right can change hardware configuration environment variables. This could result in hardware failures or a denial of service.
To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Modify firmware environment values to include only the following accounts or groups:
- Administrators
STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278258
2022: https://system32.eventsentry.com/stig/viewer/V-254508
2019: https://system32.eventsentry.com/stig/viewer/V-205764
2016: https://system32.eventsentry.com/stig/viewer/V-225087
Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-253502
W10: https://system32.eventsentry.com/stig/viewer/V-220979
NIST 800-53 : AC-3, AC-6, CM-6, SI-7
NIST 800-171: 3.1.1, 3.1.2, 3.4.6
CMMC v2.0 L2: AC.L2-3.1.1, AC.L2-3.1.2, CM.L2-3.4.6
PCI-DSS v4.0: 2.2.1, 7.2.1
HIPAA SR : ยง164.312(a)(1)
HIPAA HICP : Practice 2 (Endpoint Protection), Practice 3 (Identity and Access Management)
Manage your cookie preferences below:
To learn more about our use of cookies, please see our
Privacy Policy.