Description:
Fix several critical vulnerabilities of specified BIOS versions, preventing damage from those vulnerabilities being exploited.
OnLogic Security Advisory ID: OL-2025-090103
Type: Advisory
Fixed Vulnerabilities:
| Vulnerability | Description | CVSS Base Score | CVSS Vector String | Found version | Fixed version |
|---|---|---|---|---|---|
| BRLY-2022-009 | Found and fixed vulnerability for potential risk during PEI phase | 8.2 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | D7820A09 | D7820A11 |
| PKFail | Untrusted Platform Key (PK) identified (PKfail) | N/A | N/A | D7820A09 | D7820A11 |
| BRLY-OemUnlockKeyLeak | The certificate is expired | N/A | N/A | D7820A09 | D7820A11 |
| BRLY-2023-021 | Found and fixed unsafe code flow | 6 | AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H | D7820A09 | D7820A11 |
| BRLY-2022-160 | Found and fixed unsafe code flow | 6 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | D7820A09 | D7820A11 |
First Public Date: 2025/03/11
Last Update Date: 2025/03/11
Affected Products:
Recommendation:
Update BIOS version to D7820A11