CVE-2017-3198
NONE EPSS 72.8%
Published Jul 9, 20187y ago · Modified Jun 17, 20262w ago
Published Jul 9, 2018 7y ago
Last Modified Jun 17, 2026 2w ago
Description
GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected.
Threat Intelligence
EPSS Exploit Probability
72.8% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 3
CWE-311
CWE-345
CWE-347
Affected Products 4
References 3
- securityfocus.com http://www.securityfocus.com/bid/97294
- cylance.com https://www.cylance.com/en_us/blog/gigabyte-brix-systems-vulnerabilities.html
- kb.cert.org https://www.kb.cert.org/vuls/id/507496
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.