VAR-201807-0115
Vulnerability from variot - Updated: 2023-12-18 12:44GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected. It also is not cryptographically signed. These issues can be used to run rootkits at the firmware level or permanently disrupt service to the system. (DoS) It is possible to execute an attack. Failure of protection mechanism (CWE-693) - CVE-2017-3197 GIGABYTE BRIX Platform to protect firmware writing BIOSWE , BLE , SMM_BWP , PRx There is a problem where the bits are not set properly. as a result, SPI flash May be tampered with. Also, from the support page without checksum HTTP Is provided via. For more information, Cylance Advisory for CLVA-2017-01-001 and CLVA-2017-01-002 Please refer to. CLVA-2017-01-001 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-001.md CLVA-2017-01-002 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-002.mdAn attacker could run a rootkit at the firmware level or permanently disrupt service to the system (DoS) An attack may be executed. Multiple GIGABYTE Products are prone to multiple security-bypass vulnerabilities. A local attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-0115",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gb-bsi7h-6500",
"scope": "eq",
"trust": 1.6,
"vendor": "gigabyte",
"version": "f6"
},
{
"model": "gb-bxi7-5775",
"scope": "eq",
"trust": 1.6,
"vendor": "gigabyte",
"version": "f2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gigabyte",
"version": null
},
{
"model": "brix gb-bsi7h-6500",
"scope": "eq",
"trust": 0.8,
"vendor": "gigabyte",
"version": "(uefi firmware version f6)"
},
{
"model": "brix gb-bxi7-5775",
"scope": "eq",
"trust": 0.8,
"vendor": "gigabyte",
"version": "(uefi firmware version f2)"
},
{
"model": "gb-bxi7-5775 brix uefi vf6",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
},
{
"model": "gb-bxi7-5775 brix uefi vf2",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
},
{
"model": "gb-bsi7h-6500 brix uefi vf6",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
},
{
"model": "gb-bsi7h-6500 brix uefi vf2",
"scope": null,
"trust": 0.3,
"vendor": "gigabyte",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gigabyte:gb-bsi7h-6500_firmware:f6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:gigabyte:gb-bsi7h-6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gigabyte:gb-bxi7-5775_firmware:f2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:gigabyte:gb-bxi7-5775:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3198"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Matrosov of Cylance",
"sources": [
{
"db": "BID",
"id": "97294"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3198",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 7.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2017-005602",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-111401",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-3198",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.0,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-005602",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3198",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "IPA",
"id": "JVNDB-2017-005602",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-591",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-111401",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-3198",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111401"
},
{
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected. It also is not cryptographically signed. These issues can be used to run rootkits at the firmware level or permanently disrupt service to the system. (DoS) It is possible to execute an attack. Failure of protection mechanism (CWE-693) - CVE-2017-3197 GIGABYTE BRIX Platform to protect firmware writing BIOSWE , BLE , SMM_BWP , PRx There is a problem where the bits are not set properly. as a result, SPI flash May be tampered with. Also, from the support page without checksum HTTP Is provided via. For more information, Cylance Advisory for CLVA-2017-01-001 and CLVA-2017-01-002 Please refer to. CLVA-2017-01-001 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-001.md CLVA-2017-01-002 https://github.com/CylanceVulnResearch/disclosures/blob/master/CLVA-2017-01-002.mdAn attacker could run a rootkit at the firmware level or permanently disrupt service to the system (DoS) An attack may be executed. Multiple GIGABYTE Products are prone to multiple security-bypass vulnerabilities. \nA local attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "VULHUB",
"id": "VHN-111401"
},
{
"db": "VULMON",
"id": "CVE-2017-3198"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#507496",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2017-3198",
"trust": 2.9
},
{
"db": "BID",
"id": "97294",
"trust": 2.1
},
{
"db": "JVN",
"id": "JVNVU90556561",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-111401",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-3198",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "VULHUB",
"id": "VHN-111401"
},
{
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"id": "VAR-201807-0115",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-111401"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:44:00.526000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "GB-BSi7H-6500",
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bsi7h-6500-rev-10#ov"
},
{
"title": "GB-BXi7-5775",
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bxi7-5775-rev-10#ov"
},
{
"title": "Various GIGABYTE product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70177"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/gigabyte-firmware-flaws-allow-the-installation-of-uefi-ransomware/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-311",
"trust": 1.1
},
{
"problemtype": "CWE-347",
"trust": 1.1
},
{
"problemtype": "CWE-345",
"trust": 0.8
},
{
"problemtype": "CWE-693",
"trust": 0.8
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-111401"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3198"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.kb.cert.org/vuls/id/507496"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/97294"
},
{
"trust": 1.8,
"url": "https://www.cylance.com/en_us/blog/gigabyte-brix-systems-vulnerabilities.html"
},
{
"trust": 1.1,
"url": "https://github.com/cylancevulnresearch/disclosures/blob/master/clva-2017-01-002.md"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/693.html"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/353.html"
},
{
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bsi7h-6500-rev-10"
},
{
"trust": 0.8,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bxi7-5775-rev-10"
},
{
"trust": 0.8,
"url": "https://github.com/cylancevulnresearch/disclosures/blob/master/clva-2017-01-001.md"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3197"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3198"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90556561/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3197"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3198"
},
{
"trust": 0.3,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bxi7-5775-rev-10#ov"
},
{
"trust": 0.3,
"url": "https://github.com/cylancevulnresearch/disclosures/blob/master/clva-2017-01-001.md "
},
{
"trust": 0.3,
"url": "http://www.gigabyte.us/mini-pcbarebone/gb-bsi7h-6500-rev-10#ov "
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/507496 "
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/347.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/311.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "VULHUB",
"id": "VHN-111401"
},
{
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#507496"
},
{
"db": "VULHUB",
"id": "VHN-111401"
},
{
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"db": "BID",
"id": "97294"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-31T00:00:00",
"db": "CERT/CC",
"id": "VU#507496"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULHUB",
"id": "VHN-111401"
},
{
"date": "2018-07-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"date": "2017-03-31T00:00:00",
"db": "BID",
"id": "97294"
},
{
"date": "2017-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"date": "2018-07-09T19:29:00.343000",
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"date": "2017-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-31T00:00:00",
"db": "CERT/CC",
"id": "VU#507496"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-111401"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3198"
},
{
"date": "2017-04-04T00:03:00",
"db": "BID",
"id": "97294"
},
{
"date": "2017-08-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005602"
},
{
"date": "2019-10-09T23:27:22.040000",
"db": "NVD",
"id": "CVE-2017-3198"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed",
"sources": [
{
"db": "CERT/CC",
"id": "VU#507496"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-591"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…