INTEL-SA-00087 Safety Instructions for Intel SPI Flash
In early April Intel released information about a vulnerability in the SPI Flash' (CVE-2017-5703, INTEL-SA-00087).[1] This allows local attackers to manipulate the firmware via insecure opcodes, which can result in denial of service. This vulnerability is rated high by Intel with a CVSS v3 score of 7.9. This article provides background information about the vulnerability, which Intel CPUs are affected and more information about Thomas-Krenn systems.
Background information
In modern computer systems, the BIOS or UEFI firmware is stored in a Serial Peripheral Interface (SPI) Flash. For affected CPUs, a local attacker can change the behavior of the SPI flash memory. This can lead to denial of service. The boot process can be changed and BIOS/UEFI firmware updates can be prevented. It can even go as far as executing arbitrary code during the startup process.
According to Intel, the problem has been thoroughly analyzed and a mitigation is known and available. Although Intel says the vulnerability can only be exploited locally, it has a high CVSS v3 score of 7.9 (7.9 High - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H). It was discovered by Intel itself, active exploits are not yet known.
Affected Intel CPUs
The following table shows the CPUs affected according to Intel (as of 03.04.2018):
Xeon | Core | Pentium | Celeron | Atom | |
---|---|---|---|---|---|
Affected Intel CPUs | Scalable, E3 v6, E3 v5, E7 v4, E7 v3, E7 v2, Phi x200, D | 5th to 8th generation | N3520, J3710, N37XX, J4205, N4200 | N2920, N28XX, J3XXX, J3455, J3355, N3350, N3450 | x7-Z8XXX, x5-8XXX, x5-E8000, x7-E39XX, C-Series |
Affected systems from Thomas-Krenn
The article BIOS security updates shows the status of the available UEFI firmware/BIOS security updates for mainboards from Thomas-Krenn.
Further information
- Serial Peripheral Interface (de.wikipedia.org)
- Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware (www.bleepingcomputer.com, 15.04.2018)
References
- ↑ Unsafe Opcodes exposed in Intel SPI based products (security-center.intel.com)
Changelog
- Version 1.0, 17.04.2018: Initial version with first information.
- Version 1.1, 10.07.2018: Added reference to a wiki article with a tabular list of available BIOS updates.
Author: Thomas Niedermeier Thomas Niedermeier working in the product management team at Thomas-Krenn, completed his bachelor's degree in business informatics at the Deggendorf University of Applied Sciences. Since 2013 Thomas is employed at Thomas-Krenn and takes care of OPNsense firewalls, the Thomas-Krenn-Wiki and firmware security updates.
|