CVE-2018-12169 Information
Feb 14, 2021
cve
Description
Platform sample code firmware in 4th Generation Intel Core Processor 5th Generation Intel Core Processor 6th Generation Intel Core Processor 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.
CVSS Vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/105387 https://edk2-docs.gitbooks.io/security-advisory/content/unauthenticated-firmware-chain-of-trust-bypass.html https://support.lenovo.com/us/en/solutions/LEN-20527
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
CHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.6
Share on: