CVE-2017-8083 Information
Feb 14, 2021
cve
Description
CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions which allows local users to install a firmware rootkit by leveraging administrative privileges.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Reference
http://seclists.org/fulldisclosure/2017/Jun/6 https://watchmysys.com/blog/2017/06/cve-2017-8083-compulab-intensepc-lacks-bios-wp/
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
6.7
Share on: