Sign-up

ID

VAR-201501-0762


CVE

CVE-2014-8273


TITLE

Intel Chipsets Local Competitive Condition Security Bypass Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2015-00288 // CNNVD: CNNVD-201501-119

DESCRIPTION

Successful exploitation of this vulnerability may result in a bypass of this locking mechanism. BIOS As a locking mechanism BIOS_CNTL.BIOSWE When BIOS_CNTL.BLE Use only Intel Corporation Made chipset has a competitive vulnerability (CWE-362) Exists. CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') http://cwe.mitre.org/data/definitions/362.html MITRE of Corey Kallenberg He says: * "When the BIOS_CNTL.BIOSWE bit is set to 1, the BIOS is made writable. Also contained with the BIOS_CNTL register is the BIOS_CNTL.BLE ("BIOS Lock Enable"). When BIOS_CNTL.BLE is set to 1, attempts to write enable the BIOS by setting BIOS_CNTL.BIOSWE to 1 will immediately generate a System Management Interrupt (SMI). It is the job of this SMI to determine whether or not it is permissible to write enable to the BIOS, and if not, immediately set BIOS_CNTL.BIOSWE back to 0; the end result being that the BIOS is not writable." This vulnerability BIOS_CNTL.BIOSWE But 1 Is set to SMI By 0 Until it is returned to BIOS Allows writing to.A user with physical access to the system may be able to write malicious code into the firmware. Also, SPI Flash UEFI Variable Area is write protected BIOS_CNTL.BIOSLE If you are only using UEFI Secure Boot May be bypassed. In addition, the firmware may be destroyed or the system may be halted. Intel is the world's largest manufacturer of personal computer parts and CPUs. Intel Chipsets are prone to a local race-condition security-bypass vulnerability. Local attackers can exploit this issue to perform certain unauthorized actions with elevated privileges

Trust: 2.25

sources: CERT/CC: VU#766164 // JVNDB: JVNDB-2015-001001 // CNVD: CNVD-2015-00288 // BID: 71869

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-00288

AFFECTED PRODUCTS

vendor:american megatrends incorporated amimodel: - scope: - version: -

Trust: 0.8

vendor:lenovomodel: - scope: - version: -

Trust: 0.8

vendor:phoenixmodel: - scope: - version: -

Trust: 0.8

vendor:multiple vendorsmodel: - scope: - version: -

Trust: 0.8

vendor:intelmodel:chipsetsscope: - version: -

Trust: 0.6

vendor:intelmodel:chipset c200 seriesscope: - version: -

Trust: 0.3

vendor:intelmodel:chipset seriesscope:eqversion:6

Trust: 0.3

sources: CERT/CC: VU#766164 // CNVD: CNVD-2015-00288 // BID: 71869 // JVNDB: JVNDB-2015-001001

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2014-8273
value: MEDIUM

Trust: 0.8

IPA: JVNDB-2015-001001
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-00288
value: MEDIUM

Trust: 0.6

NVD: CVE-2014-8273
severity: MEDIUM
baseScore: 6.0
vectorString: NONE
accessVector: LOCAL
accessComplexity: HIGH
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IPA: JVNDB-2015-001001
severity: MEDIUM
baseScore: 6.0
vectorString: AV:L/AC:H/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2015-00288
severity: MEDIUM
baseScore: 6.0
vectorString: AV:L/AC:H/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: HIGH
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 1.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CERT/CC: VU#766164 // CNVD: CNVD-2015-00288 // JVNDB: JVNDB-2015-001001

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 0.8

sources: JVNDB: JVNDB-2015-001001

THREAT TYPE

local

Trust: 0.9

sources: BID: 71869 // CNNVD: CNNVD-201501-119

TYPE

Race Condition Error

Trust: 0.3

sources: BID: 71869

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001001

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#766164

PATCH
title:Intel 6 Series Chipset/Intel C200 Series Chipset: Datasheeturl:http://www.intel.com/content/www/us/en/chipsets/6-chipset-c200-chipset-datasheet.html
Trust: 0.8
title:Intel 8 Series/C220 Series Chipset Family Platform Controller Hub (PCH)url:http://www.intel.com/content/dam/www/public/us/en/documents/datasheets/8-series-chipset-pch-datasheet.pdf
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-001001

EXTERNAL IDS
db:CERT/CCid:VU#766164
Trust: 2.5
db:NVDid:CVE-2014-8273
Trust: 2.3
db:BIDid:71869
Trust: 1.5
db:JVNid:JVNVU96159942
Trust: 0.8
db:JVNDBid:JVNDB-2015-001001
Trust: 0.8
db:CNVDid:CNVD-2015-00288
Trust: 0.6
db:CNNVDid:CNNVD-201501-119
Trust: 0.6
sources:
            
            
            CERT/CC: VU#766164 // 
            
            
            
            CNVD: CNVD-2015-00288 // 
            
            
            
            BID: 71869 // 
            
            
            
            JVNDB: JVNDB-2015-001001 // 
            
            
            
            CNNVD: CNNVD-201501-119

REFERENCES
url:http://www.kb.cert.org/vuls/id/766164
Trust: 1.4
url:http://www.intel.com/content/www/us/en/chipsets/6-chipset-c200-chipset-datasheet.html
Trust: 1.1
url:http://cwe.mitre.org/data/definitions/362.html
Trust: 0.8
url:http://www.intel.com/content/dam/www/public/us/en/documents/datasheets/8-series-chipset-pch-datasheet.pdf
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/speed_racer
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8273
Trust: 0.8
url:http://jvn.jp/vu/jvnvu96159942/index.html
Trust: 0.8
url:http://www.securityfocus.com/bid/71869
Trust: 0.6
url:http://www.kb.cert.org/vuls/id/766164 
Trust: 0.3
sources:
            
            
            CERT/CC: VU#766164 // 
            
            
            
            CNVD: CNVD-2015-00288 // 
            
            
            
            BID: 71869 // 
            
            
            
            JVNDB: JVNDB-2015-001001 // 
            
            
            
            CNNVD: CNNVD-201501-119

CREDITS
Corey Kallenberg and Rafal Wojtczuk
Trust: 0.9
sources:
            
            
            BID: 71869 // 
            
            
            
            CNNVD: CNNVD-201501-119

SOURCES
db:CERT/CCid:VU#766164
db:CNVDid:CNVD-2015-00288
db:BIDid:71869
db:JVNDBid:JVNDB-2015-001001
db:CNNVDid:CNNVD-201501-119

LAST UPDATE DATE
2024-09-09T23:20:26.136000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#766164date:2015-07-23T00:00:00
db:CNVDid:CNVD-2015-00288date:2015-01-14T00:00:00
db:BIDid:71869date:2015-01-05T00:00:00
db:JVNDBid:JVNDB-2015-001001date:2015-01-07T00:00:00
db:CNNVDid:CNNVD-201501-119date:2015-01-07T00:00:00

SOURCES RELEASE DATE
db:CERT/CCid:VU#766164date:2015-01-05T00:00:00
db:CNVDid:CNVD-2015-00288date:2015-01-14T00:00:00
db:BIDid:71869date:2015-01-05T00:00:00
db:JVNDBid:JVNDB-2015-001001date:2015-01-07T00:00:00
db:CNNVDid:CNNVD-201501-119date:2015-01-07T00:00:00