Vulnerability-Lookup

CNVD-2017-26600

Vulnerability from cnvd - Published: 2017-09-13

Title

CompuLab Intense PC输入验证漏洞

Description

CompuLab Intense PC是以色列CompuLab公司的一款迷你型PC设备。使用cr_2.2.0.400.2版本固件的CompuLab Intense PC中存在安全漏洞，该漏洞源于Phoenix SecureCore UEFI固件未能执行capsule签名验证。攻击者可利用该漏洞读取和写入任意的系统固件。

Severity

高

Patch Name

CompuLab Intense PC输入验证漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.compulab.com/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2017-9457

Impacted products

Name
CompuLab Intense PC <=cr_2.2.0.400.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-9457"
    }
  },
  "description": "CompuLab Intense PC\u662f\u4ee5\u8272\u5217CompuLab\u516c\u53f8\u7684\u4e00\u6b3e\u8ff7\u4f60\u578bPC\u8bbe\u5907\u3002\r\n\r\n\u4f7f\u7528cr_2.2.0.400.2\u7248\u672c\u56fa\u4ef6\u7684CompuLab Intense PC\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ePhoenix SecureCore UEFI\u56fa\u4ef6\u672a\u80fd\u6267\u884ccapsule\u7b7e\u540d\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u548c\u5199\u5165\u4efb\u610f\u7684\u7cfb\u7edf\u56fa\u4ef6\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.compulab.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-26600",
  "openTime": "2017-09-13",
  "patchDescription": "CompuLab Intense PC\u662f\u4ee5\u8272\u5217CompuLab\u516c\u53f8\u7684\u4e00\u6b3e\u8ff7\u4f60\u578bPC\u8bbe\u5907\u3002\r\n\r\n\u4f7f\u7528cr_2.2.0.400.2\u7248\u672c\u56fa\u4ef6\u7684CompuLab Intense PC\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ePhoenix SecureCore UEFI\u56fa\u4ef6\u672a\u80fd\u6267\u884ccapsule\u7b7e\u540d\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u548c\u5199\u5165\u4efb\u610f\u7684\u7cfb\u7edf\u56fa\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "CompuLab Intense PC\u8f93\u5165\u9a8c\u8bc1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "CompuLab Intense PC \u003c=cr_2.2.0.400.2"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2017-9457",
  "serverity": "\u9ad8",
  "submitTime": "2017-07-26",
  "title": "CompuLab Intense PC\u8f93\u5165\u9a8c\u8bc1\u6f0f\u6d1e"
}

CVE-2017-9457 (GCVE-0-2017-9457)

Vulnerability from cvelistv5 – Published: 2017-07-25 14:00 – Updated: 2024-08-05 17:11

Summary

Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://seclists.org/fulldisclosure/2017/Jul/56	mailing-listx_refsource_FULLDISC
	http://packetstormsecurity.com/files/143481/Compu…	x_refsource_MISC
	https://watchmysys.com/blog/2017/07/cve-2017-9457…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:11:01.236Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20170724 CVE-2017-9457 CompuLab Intense PC lacks firmware signature validation",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-07-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-15T11:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20170724 CVE-2017-9457 CompuLab Intense PC lacks firmware signature validation",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9457",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20170724 CVE-2017-9457 CompuLab Intense PC lacks firmware signature validation",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2017/Jul/56"
            },
            {
              "name": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.html"
            },
            {
              "name": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/",
              "refsource": "MISC",
              "url": "https://watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9457",
    "datePublished": "2017-07-25T14:00:00",
    "dateReserved": "2017-06-06T00:00:00",
    "dateUpdated": "2024-08-05T17:11:01.236Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-26600

CVE-2017-9457 (GCVE-0-2017-9457)

Tags

Sightings

Nomenclature