Vulnerability: Lack of Capsule Signature Validation in Intense PC Phoenix SecureCore UEFI Firmware

Vulnerability: Lack of Capsule Signature Validation in Intense PC Phoenix SecureCore UEFI Firmware

CVE-2017-9457 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.

Learn more about our Cis Benchmark Audit For Apple Ios.