UEFI is designed to scale up - servers that can boot from network, which brings a certain baseline complexity. It doesn't help that the designers didn't want to set any rules and run everything through a central, extensible function call dispatch.
The effect is that UEFI can load and run executables (from flash, disk, network), has a network stack and things like openssl (when did you last update your firmware's SSL implementation? :-) ), all of which process lots of ingress data - while maintaining a larger degree of control over the system than the OS that comes after it.
So, it's not UEFI-specific per se, but UEFI's design was optimized for the large scale (it pretty much started on Itanium, so there) and at a time when security wasn't much of a priority.
Now they sit in that corner and look for ways out. Such as signature checks on executables (Secure Boot).
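As an added illustration of the "signature checks on executables" the comment ends on (this is example code written for this page, not code from the commenter or from any UEFI implementation): EFI applications and drivers are PE32/PE32+ images, and Secure Boot firmware looks for an Authenticode signature in the image's security data directory (index 4 of the optional header's data directories, whose entry holds a file offset and size of one or more WIN_CERTIFICATE blobs). The parser below reads only the headers, reports the subsystem and whether a signature blob is present, and refuses images whose directory points outside the file. The PE layout constants come from the PE/COFF specification; the images it runs on are constructed inline and are not bootable. `build_pe32plus` and `inspect_pe` are names chosen here, not part of any library.

```python
import struct
from typing import Optional

# Offsets and constants from the PE/COFF specification (not from the comment above).
SECURITY_DIR_INDEX = 4                 # IMAGE_DIRECTORY_ENTRY_SECURITY
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
EFI_SUBSYSTEMS = {10: "EFI application",
                  11: "EFI boot service driver",
                  12: "EFI runtime driver"}
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode PKCS#7 SignedData


def inspect_pe(image: bytes) -> dict:
    """Return machine, subsystem and embedded-signature info for a PE image.

    Only header presence is checked: this does NOT verify the signature,
    compute the Authenticode hash, or consult the Secure Boot db/dbx.
    """
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    coff = e_lfanew + 4
    machine, _nsect, _ts, _sym, _nsym, opt_size, _flags = struct.unpack_from("<HHIIIHH", image, coff)
    opt = coff + 20                      # COFF file header is 20 bytes
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic == PE32PLUS_MAGIC:
        dir_count_off, dir_base = 108, 112
    elif magic == PE32_MAGIC:
        dir_count_off, dir_base = 92, 96
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (subsystem,) = struct.unpack_from("<H", image, opt + 68)   # same offset in PE32 and PE32+
    (ndirs,) = struct.unpack_from("<I", image, opt + dir_count_off)
    result = {"machine": machine,
              "subsystem": EFI_SUBSYSTEMS.get(subsystem, f"other ({subsystem})"),
              "signed": False, "cert_type": None}
    if ndirs <= SECURITY_DIR_INDEX:
        return result                    # no security directory entry at all
    entry = opt + dir_base + 8 * SECURITY_DIR_INDEX
    if entry + 8 > opt + opt_size:
        return result                    # directory count claims more than the header holds
    cert_off, cert_size = struct.unpack_from("<II", image, entry)   # file offset, not an RVA
    if cert_off == 0 or cert_size == 0:
        return result                    # unsigned image
    if cert_size < 8 or cert_off + cert_size > len(image):
        raise ValueError("security directory points outside the file")
    _length, _revision, cert_type = struct.unpack_from("<IHH", image, cert_off)  # WIN_CERTIFICATE header
    result.update(signed=True, cert_type=cert_type)
    return result


def build_pe32plus(subsystem: int, signature: Optional[bytes]) -> bytes:
    """Construct a minimal, non-bootable x64 PE32+ image (headers only) for testing.

    If `signature` is given, a WIN_CERTIFICATE blob wrapping it is appended and
    the security directory entry is pointed at it.
    """
    opt_size = 112 + 16 * 8              # PE32+ fixed fields + 16 data directories
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, opt_size, 0x22)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC)
    struct.pack_into("<H", opt, 68, subsystem)
    struct.pack_into("<I", opt, 108, 16)                                 # NumberOfRvaAndSizes
    header_len = len(dos) + len(coff) + opt_size
    cert = b""
    if signature is not None:
        cert = struct.pack("<IHH", 8 + len(signature), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + signature
        struct.pack_into("<II", opt, 112 + 8 * SECURITY_DIR_INDEX, header_len, len(cert))
    return dos + coff + bytes(opt) + cert


if __name__ == "__main__":
    # Constructed sample images: one with a placeholder signature blob, one without.
    print(inspect_pe(build_pe32plus(10, b"constructed PKCS#7 placeholder")))
    print(inspect_pe(build_pe32plus(11, None)))
```

A missing or zero-sized security directory is the quick way to spot a binary that Secure Boot would reject outright (unless its hash is enrolled in db); a present blob only says the image claims a signature. Actual enforcement hashes the image per Authenticode (skipping the checksum field, the security directory entry and the certificate table itself) and checks the signer chain against db and dbx, which is where the real work, and the real attack surface, lives.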