Описание
GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:gigabyte:gb-bsi7h-6500_firmware:f6:*:*:*:*:*:*:*
cpe:2.3:h:gigabyte:gb-bsi7h-6500:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:gigabyte:gb-bxi7-5775_firmware:f2:*:*:*:*:*:*:*
cpe:2.3:h:gigabyte:gb-bxi7-5775:-:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02844
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-693
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash.
EPSS
Процентиль: 86%
0.02844
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-693
CWE-20