29. Unauthenticated Firmware Chain-of-Trust Bypass {#unauthenticated-firmware-chain-of-trust-bypass}

Description:

Platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), 7th Gen Intel® Core™ Processor (Kaby Lake) and 8th Gen Intel® Core™ Processor (Coffee Lake and Cannon Lake) contains a logic error allowing physical attacker to bypass firmware authentication.

Impact

Elevation of Privilege

Severity

High - 7.6 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Recommendation:

Intel recommends that end-users contact their system manufacturers for updated system firmware.

Acknowledgments:

The issue was reported by Trammell Hudson

References:

CVE-2018-12169

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

unauthenticated-firmware-chain-of-trust-bypass.md

unauthenticated-firmware-chain-of-trust-bypass.md

29. Unauthenticated Firmware Chain-of-Trust Bypass {#unauthenticated-firmware-chain-of-trust-bypass}

Description:

Impact

Severity

Recommendation:

Acknowledgments:

References:

Files

unauthenticated-firmware-chain-of-trust-bypass.md

Latest commit

History

unauthenticated-firmware-chain-of-trust-bypass.md

File metadata and controls

29. Unauthenticated Firmware Chain-of-Trust Bypass {#unauthenticated-firmware-chain-of-trust-bypass}

Description:

Impact

Severity

Recommendation:

Acknowledgments:

References: