Description:
Fix several critical vulnerabilities of specified BIOS versions, preventing damage from those vulnerabilities being exploited.
OnLogic Security Advisory ID: OL-2025-090102
Type: Advisory
Fixed Vulnerabilities:
| Vulnerability | Description | CVSS Base Score | CVSS Vector String | Found version | Fixed version |
|---|---|---|---|---|---|
| CVE-2014-3686 | Found and fixed unsafe code flow | 6.8 | AV:N/AC:M/Au:N/C:P/I:P/A:P | D7870A13 | N7870A01 |
| CVE-2015-0210 | Found and fixed unsafe code flow | 5.9 | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | D7870A13 | N7870A01 |
| CVE-2015-1863 | Found and fixed unsafe code flow | 5.8 | AV:A/AC:L/Au:N/C:P/I:P/A:P | D7870A13 | N7870A01 |
| CVE-2015-4141 | Found and fixed unsafe code flow | 4.3 | AV:N/AC:M/Au:N/C:N/I:N/A:P | D7870A13 | N7870A01 |
| CVE-2015-4142 | Found and fixed unsafe code flow | 4.3 | V:N/AC:M/Au:N/C:N/I:N/A:P | D7870A13 | N7870A01 |
| CVE-2015-4143 | Found and fixed unsafe code flow | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | D7870A13 | N7870A01 |
| CVE-2015-4144 | Found and fixed unsafe code flow | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | D7870A13 | N7870A01 |
| CVE-2015-4145 | Found and fixed unsafe code flow | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | D7870A13 | N7870A01 |
| CVE-2015-4146 | Found and fixed unsafe code flow | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | D7870A13 | N7870A01 |
| BRLY-2022-009,BRLY-2023-021 | Found and fixed vulnerability for potential risk during PEI phase | 8.2 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | D7870A13 | N7870A01 |
| BRLY-2022-160 | Found and fixed unsafe code flow | 6 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | D7870A13 | N7870A01 |
| PKfail | Untrusted Platform Key (PK) identified (PKfail) | N/A | D7870A13 | N7870A01 | |
BRLY-LOGOFAIL-2023-013, BRLK-LOGOFAIL-2023-021 | Found and fixed unsafe code flow | 6 | AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H | D7870A13 | N7870A01 |
First Public Date: 2025/03/11
Last Update Date: 2025/03/11
Affected Products:
Update BIOS version to N7870A01