A vulnerability in Intel’s Serial Peripheral Interface (SPI) may allow an attacker to edit or block BIOS/UEFI updates or erase firmware.
An error in the configuration of the SPI Flash memory can result in its behaviour being modified by an attacker. This is a mandatory component of the boot-up process on affected devices and any changes to it will most likely result in denial-of-service or damage to the device.
At the time of publication there are no known exploits of this vulnerability.
CVE Number – CVE-2017-5703
Platforms based on:-
- 8th generation Intel® Core™ Processors
- 7th generation Intel® Core™ Processors
- 6th generation Intel® Core™ Processors
- 5th generation Intel® Core™ Processors
- Intel® Pentium® and Celeron® Processor N3520, N2920, and N28XX
- Intel® Atom™ Processor x7-Z8XXX, x5-8XXX Processor Family
- Intel® Pentium™ Processor J3710 and N37XX
- Intel® Celeron™ Processor J3XXX
- Intel® Atom™ x5-E8000 Processor
- Intel® Pentium® Processor J4205 and N4200
- Intel® Celeron® Processor J3455, J3355, N3350, and N3450
- Intel® Atom™ Processor x7-E39XX Processor
- Intel® Xeon® Scalable Processors
- Intel® Xeon® Processor E3 v6 Family
- Intel® Xeon® Processor E3 v5 Family
- Intel® Xeon® Processor E7 v4 Family
- Intel® Xeon® Processor E7 v3 Family
- Intel® Xeon® Processor E7 v2 Family
- Intel® Xeon® Phi™ Processor x200
- Intel® Xeon® Processor D Family
- Intel® Atom™ Processor C Series
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.