Lucene search

CVE-2017-3198

🗓️ 09 Jul 2018 19:00:29Reported by certccType

GIGABYTE BRIX UEFI firmware lacks image validation, vulnerable to arbitrary modifications over HTT

Reporter	Title	Published	Views	Family All 5
AttackerKB	GIGABYTE BRIX UEFI firmware is not cryptographically signed	9 Jul 201800:00	–	attackerkb
Prion	Code injection	9 Jul 201819:29	–	prion
Cvelist	CVE-2017-3198 GIGABYTE BRIX UEFI firmware is not cryptographically signed	9 Jul 201819:00	–	cvelist
NVD	CVE-2017-3198	9 Jul 201819:29	–	nvd
CERT	GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed	31 Mar 201700:00	–	cert

Nvd

Node

gigabyte gb-bsi7h-6500_firmwareMatchf6

AND

gigabyte gb-bsi7h-6500Match-

Node

gigabyte gb-bxi7-5775_firmwareMatchf2

AND

gigabyte gb-bxi7-5775Match-

[
  {
    "product": "GB-BSi7H-6500",
    "vendor": "GIGABYTE",
    "versions": [
      {
        "status": "affected",
        "version": "F6"
      }
    ]
  },
  {
    "product": "GB-BXi7-5775",
    "vendor": "GIGABYTE",
    "versions": [
      {
        "status": "affected",
        "version": "F2"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/97294
kb	www.kb.cert.org/vuls/id/507496
cylance	www.cylance.com/en_us/blog/gigabyte-brix-systems-vulnerabilities.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jul 2018 19:29Current

9.5High risk

Vulners AI Score9.5

CVSS210

CVSS39.8

EPSS0.00989

cve-2017-3198 gigabyte brix uefi firmware image validation firmware update http security vulnerability nvd