CVE-2017-9457 (GCVE-0-2017-9457)

Vulnerability from cvelistv5 – Published: 2017-07-25 14:00 – Updated: 2024-08-05 17:11

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

FKIE_CVE-2017-9457

Vulnerability from fkie_nvd - Published: 2017-07-25 14:29 - Updated: 2025-04-20 01:37

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html	Third Party Advisory, VDB Entry
cve@mitre.org	http://seclists.org/fulldisclosure/2017/Jul/56	Mailing List, Third Party Advisory
cve@mitre.org	https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2017/Jul/56	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/	Third Party Advisory

Impacted products

	Vendor	Product	Version
	compulab	intense_pc_firmware	*
	compulab	intense_pc	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:compulab:intense_pc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D42B7384-0A9E-40C6-B8DA-2C537F90F951",
              "versionEndIncluding": "cr_2.2.0.400.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:compulab:intense_pc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F825C891-97AC-4AF2-9F48-F50BF7CF067D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS."
    },
    {
      "lang": "es",
      "value": "El firmware UEFI de Phoenix SecureCore de Intense PC, no realiza la comprobaci\u00f3n de firma de c\u00e1psula anterior a actualizar el firmware del sistema. La ausencia de comprobaci\u00f3n de firma permite a un atacante con privilegios de administrador actualizar una BIOS UEFI modificada."
    }
  ],
  "id": "CVE-2017-9457",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-25T14:29:00.317",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201707-1049

Vulnerability from variot - Updated: 2025-04-20 23:32

Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS. Intense PC Phoenix SecureCore UEFI The firmware contains a vulnerability related to input validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CompuLabIntensePC is a mini PC device from CompuLab, Israel. An attacker could exploit this vulnerability to read and write to any system firmware. Credits: Hal Martin Website: watchmysys.com Source: https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/

Vendor:

CompuLab (compulab.com)

Product:

Intense PC / MintBox 2

Vulnerability type:

Platform lacks signature verification and does not validate firmware update before flashing

CVE Reference:

CVE-2017-9457

Summary:

Since 2013 CompuLab manufactures and sells the Intense PC (also sold under the name "MintBox 2"), which is a small Intel-based fanless PC sold to end-users and industrial customers. No timeline was provided to implement capsule signature verification.

Affected versions:

All firmware versions since product release (latest public firmware is 21 May 2017)

Attack Vector:

An attacker tricks the user into running a malicious executable with local administrator privileges, which updates the system firmware to include the attacker's code. The attacker may instead use a known OS exploit to perform the upgrade remotely (without user interaction or notification).

Proof of concept:

I have created a modified firmware update which replaces the stock UEFI shell with the UEFI shell from EDK2. The update can be flashed from within Windows without any user interaction or notification. Firmware updates are not signed by CompuLab or verified by the existing firmware before upgrade.

The modified update, based on the 21 May 2017 firmware, can be downloaded here: https://watchmysys.com/blog/wp-content/uploads/2017/07/update-IPC-20170521-edk2.zip

Details of the full proof of concept can be found at the Source link above.

Mitigation:

At this time there is no means for the end user to enable Capsule Signature verification or to prevent the Phoenix update utility from updating the system firmware.

Therefore Intense PC owners should consider the following options:

Ensure your operating system is up to date with the latest security patches. Do not run software from untrusted sources.
Do not connect your Intense PC to any networks with internet access (i.e. air-gap the computer).

Disclosure timeline:

6 June 2017: Issue reported to CompuLab 6 June 2017: CompuLab confirms that aDefault settings of this source tree [Phoenix SecureCore Tiano Enhanced Intel Ivy Bridge CPU Panther Point M] has disabled Capsule Signature option.a 6 June 2017: Issue is reported to MITRE 6 June 2017: Vulnerability is assigned CVE-2017-9457 7 June 2017: CompuLab are informed that the vulnerability has been assigned CVE-2017-9457 and details of the vulnerability will be published after 45 days 22 July 2017: Details of the vulnerability are published

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201707-1049",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "intense pc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "compulab",
        "version": "cr_2.2.0.400.2"
      },
      {
        "model": "intense pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "compulab",
        "version": null
      },
      {
        "model": "intense pc \u003c=cr 2.2.0.400.2",
        "scope": null,
        "trust": 0.6,
        "vendor": "compulab",
        "version": null
      },
      {
        "model": "intense pc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "compulab",
        "version": "cr_2.2.0.400.2"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:compulab:intense_pc_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Hal Martin",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "143481"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2017-9457",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-9457",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2017-26600",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-117660",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "id": "CVE-2017-9457",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-9457",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-9457",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-26600",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201706-163",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-117660",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS. Intense PC Phoenix SecureCore UEFI The firmware contains a vulnerability related to input validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. CompuLabIntensePC is a mini PC device from CompuLab, Israel. An attacker could exploit this vulnerability to read and write to any system firmware. Credits: Hal Martin\nWebsite: watchmysys.com\nSource: https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/\n\n\nVendor:\n====================\nCompuLab (compulab.com)\n\n\nProduct:\n====================\nIntense PC / MintBox 2\n\n\nVulnerability type:\n====================\nPlatform lacks signature verification and does not validate firmware update before flashing\n\n\nCVE Reference:\n====================\nCVE-2017-9457\n\n\nSummary:\n====================\nSince 2013 CompuLab manufactures and sells the Intense PC (also sold under the name \"MintBox 2\"), which is a small Intel-based fanless PC sold to end-users and industrial customers. No timeline was provided to implement capsule signature verification. \n\n\nAffected versions:\n====================\nAll firmware versions since product release (latest public firmware is 21 May 2017)\n\n\nAttack Vector:\n====================\nAn attacker tricks the user into running a malicious executable with local administrator privileges, which updates the system firmware to include the attacker\u0027s code. The attacker may instead use a known OS exploit to perform the upgrade remotely (without user interaction or notification). \n\n\nProof of concept:\n====================\nI have created a modified firmware update which replaces the stock UEFI shell with the UEFI shell from EDK2. The update can be flashed from within Windows without any user interaction or notification. Firmware updates are not signed by CompuLab or verified by the existing firmware before upgrade. \n\nThe modified update, based on the 21 May 2017 firmware, can be downloaded here: https://watchmysys.com/blog/wp-content/uploads/2017/07/update-IPC-20170521-edk2.zip\n\nDetails of the full proof of concept can be found at the Source link above. \n\n\nMitigation:\n====================\nAt this time there is no means for the end user to enable Capsule Signature verification or to prevent the Phoenix update utility from updating the system firmware. \n\nTherefore Intense PC owners should consider the following options:\n\n- Ensure your operating system is up to date with the latest security patches. Do not run software from untrusted sources. \n- Do not connect your Intense PC to any networks with internet access (i.e. air-gap the computer). \n\n\nDisclosure timeline:\n====================\n6 June 2017: Issue reported to CompuLab\n6 June 2017: CompuLab confirms that aDefault settings of this source tree [Phoenix SecureCore Tiano Enhanced Intel Ivy Bridge CPU Panther Point M] has disabled Capsule Signature option.a\n6 June 2017: Issue is reported to MITRE\n6 June 2017: Vulnerability is assigned CVE-2017-9457\n7 June 2017: CompuLab are informed that the vulnerability has been assigned CVE-2017-9457 and details of the vulnerability will be published after 45 days\n22 July 2017: Details of the vulnerability are published\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "db": "PACKETSTORM",
        "id": "143481"
      }
    ],
    "trust": 2.34
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-117660",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-9457",
        "trust": 3.2
      },
      {
        "db": "PACKETSTORM",
        "id": "143481",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "PACKETSTORM",
        "id": "143481"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "id": "VAR-201707-1049",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      }
    ],
    "trust": 1.4857143
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:32:52.391000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.compulab.com/"
      },
      {
        "title": "CompuLabIntensePC enters a patch to verify the vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/102100"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
      },
      {
        "trust": 1.7,
        "url": "http://seclists.org/fulldisclosure/2017/jul/56"
      },
      {
        "trust": 1.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9457"
      },
      {
        "trust": 1.1,
        "url": "http://packetstormsecurity.com/files/143481/compulab-intense-pc-mintbox-2-signature-verification.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9457"
      },
      {
        "trust": 0.1,
        "url": "https://watchmysys.com/blog/wp-content/uploads/2017/07/update-ipc-20170521-edk2.zip"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "PACKETSTORM",
        "id": "143481"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "db": "PACKETSTORM",
        "id": "143481"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "date": "2017-07-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "date": "2017-09-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "date": "2017-07-23T13:33:33",
        "db": "PACKETSTORM",
        "id": "143481"
      },
      {
        "date": "2017-06-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "date": "2017-07-25T14:29:00.317000",
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "date": "2017-08-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-117660"
      },
      {
        "date": "2017-09-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-006818"
      },
      {
        "date": "2017-08-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-9457"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CompuLab Intense PC Input Validation Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-26600"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-163"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2017-26600

Vulnerability from cnvd - Published: 2017-09-13

Title

CompuLab Intense PC输入验证漏洞

Description

CompuLab Intense PC是以色列CompuLab公司的一款迷你型PC设备。使用cr_2.2.0.400.2版本固件的CompuLab Intense PC中存在安全漏洞，该漏洞源于Phoenix SecureCore UEFI固件未能执行capsule签名验证。攻击者可利用该漏洞读取和写入任意的系统固件。

Severity

高

Patch Name

CompuLab Intense PC输入验证漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.compulab.com/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2017-9457

Impacted products

Name
CompuLab Intense PC <=cr_2.2.0.400.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-9457"
    }
  },
  "description": "CompuLab Intense PC\u662f\u4ee5\u8272\u5217CompuLab\u516c\u53f8\u7684\u4e00\u6b3e\u8ff7\u4f60\u578bPC\u8bbe\u5907\u3002\r\n\r\n\u4f7f\u7528cr_2.2.0.400.2\u7248\u672c\u56fa\u4ef6\u7684CompuLab Intense PC\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ePhoenix SecureCore UEFI\u56fa\u4ef6\u672a\u80fd\u6267\u884ccapsule\u7b7e\u540d\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u548c\u5199\u5165\u4efb\u610f\u7684\u7cfb\u7edf\u56fa\u4ef6\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.compulab.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-26600",
  "openTime": "2017-09-13",
  "patchDescription": "CompuLab Intense PC\u662f\u4ee5\u8272\u5217CompuLab\u516c\u53f8\u7684\u4e00\u6b3e\u8ff7\u4f60\u578bPC\u8bbe\u5907\u3002\r\n\r\n\u4f7f\u7528cr_2.2.0.400.2\u7248\u672c\u56fa\u4ef6\u7684CompuLab Intense PC\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ePhoenix SecureCore UEFI\u56fa\u4ef6\u672a\u80fd\u6267\u884ccapsule\u7b7e\u540d\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u548c\u5199\u5165\u4efb\u610f\u7684\u7cfb\u7edf\u56fa\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "CompuLab Intense PC\u8f93\u5165\u9a8c\u8bc1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "CompuLab Intense PC \u003c=cr_2.2.0.400.2"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-9457",
  "serverity": "\u9ad8",
  "submitTime": "2017-07-26",
  "title": "CompuLab Intense PC\u8f93\u5165\u9a8c\u8bc1\u6f0f\u6d1e"
}

GHSA-9Q3P-FV9F-WWXJ

Vulnerability from github – Published: 2022-05-17 02:15 – Updated: 2025-04-20 03:41

Details

Severity ?

6.7 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-9457"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-25T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.",
  "id": "GHSA-9q3p-fv9f-wwxj",
  "modified": "2025-04-20T03:41:22Z",
  "published": "2022-05-17T02:15:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9457"
    },
    {
      "type": "WEB",
      "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2017-9457

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-9457

Aliases

CVE-2017-9457

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-9457",
    "description": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.",
    "id": "GSD-2017-9457"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-9457"
      ],
      "details": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.",
      "id": "GSD-2017-9457",
      "modified": "2023-12-13T01:21:07.292962Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2017-9457",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20170724 CVE-2017-9457 CompuLab Intense PC lacks firmware signature validation",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
          },
          {
            "name": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
          },
          {
            "name": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/",
            "refsource": "MISC",
            "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:compulab:intense_pc_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "cr_2.2.0.400.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:compulab:intense_pc:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9457"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
            },
            {
              "name": "20170724 CVE-2017-9457 CompuLab Intense PC lacks firmware signature validation",
              "refsource": "FULLDISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
            },
            {
              "name": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-08-10T15:37Z",
      "publishedDate": "2017-07-25T14:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-9457 (GCVE-0-2017-9457)

FKIE_CVE-2017-9457

VAR-201707-1049

Vendor:

Product:

Vulnerability type:

CVE Reference:

Summary:

Affected versions:

Attack Vector:

Proof of concept:

Mitigation:

Disclosure timeline:

CNVD-2017-26600

GHSA-9Q3P-FV9F-WWXJ

GSD-2017-9457

Tags

Sightings

Nomenclature