Description:
Fix several critical vulnerabilities of specified BIOS versions, preventing damage from those vulnerabilities being exploited.
OnLogic Security Advisory ID: OL-2024-080101
Type: Advisory
Fixed Vulnerabilities:
Vulnerability | Description | CVSS Base Score | CVSS Vector String | Found version | Fixed version |
---|---|---|---|---|---|
CVE-2023-45230,CVE-2023-45232, CVE-2023-45233,CVE-2023-45234 | Fix ipv6 issues discovered in EDK2 | 7.5 ~ 8.3 | CVSS:3.1 /AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H | V1.55 | V1.58 |
BRLY-2022-020 | Fix potential vulnerability in Insyde H20 | 7.7 | AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H | V1.55 | V1.58 |
BRLY-2023-005 | Found unsafe code flow and fixed it | 8.2 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | V1.55 | V1.58 |
BRLY-2023-002 | Found unsafe code flow and fixed it | 8.2 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | V1.55 | V1.58 |
First Public Date: 2024/10/13
Last Update Date: 2024/10/13
Affected Products:
Recommendation:
Update UEFI FW version to V1.58