Lucene search
HP Product Security Response TeamHP:C05869089HistoryJan 04, 2018 - 12:00 a.m.
HPSBHF03572 rev. 4 - Unsafe Opcodes Exposed in SPI
2018-01-0400:00:00
HP Product Security Response Team
support.hp.com
11
EPSS
0
Percentile
5.1%
Potential Security Impact
Denial of Service
Source: Intel
Reported By: Intel
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with how the SPI interface is configured on certain platforms. Specific SPI OpCodes may be left accessible and vulnerable to misuse.
In the lowest severity cases, the issue may allow malware to prevent component writes to portions of the SPI firmware device. In the highest severity cases, malware may be able to overwrite the firmware.
This issue affects both SPI HW Sequencing and SW Sequencing on Intel products with the Integrated SPI Controller.
RESOLUTION
HP has provided updates to mitigate this issue. Impacted HP products are shown in the table below.
Related
f5
f5
K19855851 : Intel SPI Flash vulnerability CVE-2017-5703
2018-12-20 00:00:00
ibm
ibm
lenovo
lenovo
System firmware Can Be Erased or Corrupted After Boot - Lenovo Support US
2019-01-17 15:06:04
System firmware Can Be Erased or Corrupted After Boot - US
2018-07-17 14:06:00
cvelist
cvelist
CVE-2017-5703
2018-04-03 21:00:00
prion
prion
Code injection
2018-04-03 21:29:00
nvd
nvd
CVE-2017-5703
2018-04-03 21:29:00
cve
cve
CVE-2017-5703
2018-04-03 21:29:00
nessus
nessus
F5 Networks BIG-IP : Intel SPI Flash vulnerability (K19855851)
2018-12-20 00:00:00