Description:
Fix several critical vulnerabilities of specified BIOS versions, preventing damage from those vulnerabilities being exploited.
OnLogic Security Advisory ID: OL-2024-090101
Type: Advisory
Fixed Vulnerabilities:
| Vulnerability | Description | CVSS Base Score | CVSS Vector String | Found version | Fixed version |
|---|---|---|---|---|---|
| BRLY-2022-009 | Found and fixed vulnerability for potential risk during PEI phase | 8.2 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | D7870A13 | D7870A15.01 |
| BRLY-2022-160 | Found and fixed unsafe code flow | 6 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | D7870A13 | D7870A15.01 |
| PKfail | Untrusted Platform Key (PK) identified (PKfail) | N/A | D7870A13 | D7870A15.01 |
First Public Date: 2024/10/13
Last Update Date: 2025/02/03
Affected Products:
Recommendation:
Update BIOS version to VD7870A15.01