11 matches found
EUVD-2017-18390
Malware in sbrugna...
CompuLab Intense PC Input Validation Vulnerability
The CompuLab Intense PC is a miniature PC device from CompuLab Israel. A security vulnerability exists in CompuLab Intense PCs using firmware version cr2.2.0.400.2, which stems from a failure of the Phoenix SecureCore UEFI firmware to perform capsule signature verification. An attacker can exploi...
CVE-2017-9457
Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS...
CVE-2017-9457
Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS...
Input validation
Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS...
CompuLab Intense PC and MintBox 2 BIOS Privilege Vulnerability
The CompuLab Intense PC and MintBox 2 are both mini-PC devices from CompuLab Israel. the BIOS is a ROM on-chip application. A BIOS privilege vulnerability exists in CompuLab Intense PC and MintBox 2 using versions of BIOS prior to 2017-05-21, which stems from the program's failure to apply write...
CVE-2017-8083
CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges...
CVE-2017-8083
CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges...
Design/Logic Flaw
CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges...
CVE-2017-8083
CVE-2017-8083 affects CompuLab Intense PC and MintBox 2 BIOS prior to 2017-05-21. The BIOS does not apply CloseMnf write-protection to flash memory regions, allowing a local attacker with administrative privileges to install a firmware rootkit. No remediation details are provided in the connected...
CVE-2017-8083
CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges...