CVE-2017-5703 - Unsafe Opcodes exposed in Intel SPI based products

Brink

Administrator
Staff member
Local time
12:00 AM
Messages
74,918
Location
Oklahoma
Unsafe Opcodes exposed in Intel SPI based products

Intel.png

Summary:

Configuration of SPI Flash in platforms based on multiple Intel CPUs allows a local attacker to alter the behavior of the SPI Flash, potentially leading to a Denial of Service. This issue has been root-caused, and the mitigation has been validated and is available.

Description:

Configuration of SPI Flash in platforms based on multiple, Intel platforms allows a local attacker to alter the behavior of the SPI Flash, potentially leading to a Denial of Service.

  • 7.9 High - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
Affected products:

Platforms based on:

  • 8th generation Intel® Core™ Processors
  • 7th generation Intel® Core™ Processors
  • 6th generation Intel® Core™ Processors
  • 5th generation Intel® Core™ Processors
  • Intel® Pentium® and Celeron® Processor N3520, N2920, and N28XX
  • Intel® Atom™ Processor x7-Z8XXX, x5-8XXX Processor Family
  • Intel® Pentium™ Processor J3710 and N37XX
  • Intel® Celeron™ Processor J3XXX
  • Intel® Atom™ x5-E8000 Processor
  • Intel® Pentium® Processor J4205 and N4200
  • Intel® Celeron® Processor J3455, J3355, N3350, and N3450
  • Intel® Atom™ Processor x7-E39XX Processor
  • Intel® Xeon® Scalable Processors
  • Intel® Xeon® Processor E3 v6 Family
  • Intel® Xeon® Processor E3 v5 Family
  • Intel® Xeon® Processor E7 v4 Family
  • Intel® Xeon® Processor E7 v3 Family
  • Intel® Xeon® Processor E7 v2 Family
  • Intel® Xeon® Phi™ Processor x200
  • Intel® Xeon® Processor D Family
  • Intel® Atom™ Processor C Series
Recommendations:

Intel identified this issue internally. Issue is root-caused, and the mitigation is known and available. To Intel’s knowledge, the issue has not been seen externally.

Intel recommends that users always check with their system manufacturer’s support sites to make sure they have the latest, security updates installed.


Source: Intel Product Security Center


See also: System firmware Can Be Erased or Corrupted After Boot
 

My Computer My Computer

At a glance

64-bit Windows 11 Pro for WorkstationsIntel i7-8700K OC'd to 5 GHz64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600...ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self built custom
OS
64-bit Windows 11 Pro for Workstations
CPU
Intel i7-8700K OC'd to 5 GHz
Motherboard
ASUS ROG Maximus XI Formula Z390
Memory
64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
Graphics Card(s)
ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Sound Card
Integrated
Monitor(s) Displays
2 x Samsung Odyssey G7 27"
Screen Resolution
2560x1440
Hard Drives
1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
PSU
Seasonic Prime Titanium 850W
Case
Thermaltake Core P3
Cooling
Corsair Hydro H115i
Keyboard
Logitech wireless K800
Mouse
Logitech MX Master 4
Internet Speed
2 Gb/s Download and 100 Mb/s Upload
Antivirus
Malwarebyte Anti-Malware Premium
Browser
Google Chrome
Other Info
Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
Back
Top