Insyde Security Assurance
Since Insyde was founded 20 years ago, the security and reliability of our products has been of paramount importance. Hundreds of OEM and ODM partners trust us to build the platforms that form the foundation of their products, because they know we share their commitment to the security of those products. Product security is our company's top priority and an area we work to improve every day.
- We are a member of the security response group of the industry's leading firmware standards body, the UEFI Security Response Team.
- We have in-house product security experts who drive our Security Development Lifecycle (SDL) process within our BIOS and BMC firmware teams and who assess existing and emerging security threats.
- We regularly publish timely security advisories as vulnerability mitigations are identified.
- We work closely with all of our silicon vendor partners to ensure that microcode updates and other remediations are delivered promptly and given the priority they require.
At Insyde, we work with a broad range of industry vendors to identify, report, mitigate and disclose security vulnerabilities. Insyde provides you, along with our customers and partners, with dependable support on any matter that could compromise the security or privacy of your platforms. We take this role very seriously, because if your firmware is not secure, your product is not secure.
This is our assurance to you. If you have any questions about Insyde's security commitment, please contact us at security.report@insyde.com.
Tim Lewis, Chief Technology Officer, Insyde Software
Please know that Insyde Software is working closely with Intel, AMD and other partners to provide timely updates to help mitigate these recent issues and many more.
Insyde Software Tool Security Advisory:
Document and CVE #s to be provided when available
| Common Vulnerabilities and Exposures (CVE) | CVSS v3 Vulnerability Severity | Description | Insyde Security Advisory (SA) | Original Date | Last Revised |
|---|---|---|---|---|---|
| CVE-2019-12532 | 6.9 | Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. | INSYDE-SA-2019001 | 08/12/2019 | - |
Various Side Channel Exploits:
Document and CVE #s to be provided when available
| Common Vulnerabilities and Exposures (CVE) | CVSS v3 Vulnerability Severity | Description | Intel Security Advisory (SA) | Original Date | Last Revised |
|---|---|---|---|---|---|
| CVE-2019-0170 | 8.2 | Buffer overflow in subsystem in Intel(R) Dynamic Application Loader before 12.0.35 may allow privileged user to potentially enable escalation of privilege via local access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0153 | 9.0 | Buffer overflow in subsystem in Intel(R) CSME before 12.0.35 may allow unauthenticated user to potentially enable escalation of privilege via network access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0126 | 7.2 | Insufficient access control in Silicon Reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow privileged user to potentially enable escalation of privilege or denial of service via local access. | PSIRT-TA-201901-006 | 05/14/2019 | - |
| CVE-2019-0120 | 5.3 | Insufficient key protection vulnerability in Silicon Reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow privileged user to potentially enable denial of service via local access. | PSIRT-TA-201901-006 | 05/14/2019 | - |
| CVE-2019-0119 | 5.7 | Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow privileged user to potentially enable escalation of privilege or denial of service via local access. | PSIRT-TA-201901-006 | 05/14/2019 | - |
| CVE-2019-0098 | 5.7 | Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow unauthenticated user to potentially enable escalation of privilege via physical access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0097 | 4.9 | Insufficient input validation vulnerability in subsystem for Intel(R) Active Management Technology (Intel(R) AMT) before version 12.0.35 may allow privileged user to potentially enable denial of service via network access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0096 | 6.7 | Out of bound write vulnerability in subsystem for Intel(R) Active Management Technology (Intel(R) AMT) before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow authenticated user to potentially enable escalation of privilege via adjacent network access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0094 | 4.3 | Insufficient input validation vulnerability in subsystem for Intel(R) Active Management Technology (Intel(R) AMT) before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow unauthenticated user to potentially enable denial of service via adjacent network access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0093 | 2.3 | Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35, Intel(R) Server Platform Services before version SPS_E3_05.00.04.027.0 may allow privileged user to potentially enable information disclosure via local access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0092 | 6.8 | Insufficient input validation vulnerability in subsystem for Intel(R) Active Management Technology (Intel(R) AMT) before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow unauthenticated user to potentially enable escalation of privilege via physical access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0091 | 6.6 | Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow unprivileged user to potentially enable escalation of privilege via local access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0086 | 7.8 | Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow unprivileged user to potentially enable escalation of privilege via local access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0090 | 7.1 | Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) Server Platform Services before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| CVE-2019-0089 | 8.1 | Improper data sanitization vulnerability in subsystem in Intel(R) Server Platform Services before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow privileged user to potentially enable escalation of privilege via local access. | PSIRT-TA-201901-002 | 05/14/2019 | - |
| N/A | 4.3 | Type confusion in HECI service for Intel(R) Server Platform Services Tools may allow authenticated user to potentially enable escalation of privilege via local access. | PSIRT-TA-201903-001 | 03/04/2019 | - |
| CVE-2018-11091 | 3.8 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | PSIRT-TA-2019-02-002 | 05/14/2019 | - |
| CVE-2018-12130 | 6.5 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | PSIRT-TA-2019-02-002 | 05/14/2019 | - |
| CVE-2018-12127 | 6.5 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | PSIRT-TA-2019-02-002 | 05/14/2019 | - |
| Common Vulnerabilities and Exposures (CVE) | CVSS v3 Vulnerability Severity | Description | Intel Security Advisory (SA) | Original Date | Last Revised |
|---|---|---|---|---|---|
| CVE-2018-3615 | 7.3 | Systems with microprocessors utilizing speculative execution and Intel® Software Guard Extensions (Intel® SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. | INTEL-SA-00161 | 8/14/2018 | 8/23/2018 |
| CVE-2018-3620 | 6.5 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | INTEL-SA-00161 | 8/14/2018 | 8/23/2018 |
| CVE-2018-3646 | 6.5 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. | INTEL-SA-00161 | 8/14/2018 | 8/23/2018 |
| Common Vulnerabilities and Exposures (CVE) | CVSS v3 Vulnerability Severity | Description | Intel Security Advisory (SA) | Original Date | Last Revised |
|---|---|---|---|---|---|
| CVE-2018-3628 | 8.1 | Buffer overflow in HTTP handler in Intel® Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. | INTEL-SA-00112 | 7/10/2018 | 7/10/2018 |
| CVE-2018-3629 | 7.5 | Buffer overflow in event handler in Intel® Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. | INTEL-SA-00112 | 7/10/2018 | 7/10/2018 |
| CVE-2018-3632 | 6.4 | Memory corruption in Intel® Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x/7.x/8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 could be triggered by an attacker with local administrator permission on the system. | INTEL-SA-00112 | 7/10/2018 | 7/10/2018 |
| N/A | 8.2 | Incorrect handling of memory types in Tianocore firmware potentially allows a local attacker to bypass SMM protections on memory. | INTEL-SA-00159 | 7/10/2018 | 7/10/2018 |
| N/A | 6.1 | Insecure handling of UEFI variables in Intel® Xeon® Scalable processors, Intel® Xeon® Processor E5 v4 Family, Intel® Xeon® Processor E5 v3 Family system firmware potentially allows a local attacker to disable security features of the platform. Intel reference firmware implemented setup options to enable/disable security features. These options are used in validation environments to relax security when running tests in a lab environment. If used by malware on a production system, these features may result in elevation of privilege by disabling protection of the system configuration, or in denial of service. | INTEL-SA-00112 | 7/10/2018 | 7/10/2018 |
| N/A | 7.6 | Platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), and 7th Gen Intel® Core™ Processor (Kaby Lake) contains a logic error potentially allowing a physical attacker to bypass firmware authentication. | INTEL-SA-00152 | 7/10/2018 | 7/10/2018 |
| N/A | 6.8 | Logic error in platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), and 7th Gen Intel® Core™ Processor (Kaby Lake) potentially allows a physical attacker to exploit incorrect TPM measurement of system firmware. | INTEL-SA-00152 | 7/10/2018 | 7/10/2018 |
| CVE-2017-5704 | 7.2 | Platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), and 7th Gen Intel® Core™ Processor (Kaby Lake) potentially exposes password information in memory to a local attacker with administrative privileges. | INTEL-SA-00160 | 7/10/2018 | 7/10/2018 |
| Common Vulnerabilities and Exposures (CVE) | CVSS v3 Vulnerability Severity | Description | Intel Security Advisory (SA) | Original Date | Last Revised |
|---|---|---|---|---|---|
| CVE-2018-3639 | 4.3 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | INTEL-SA-00115 | 5/21/2018 | 6/25/2018 |
| CVE-2018-3640 | 4.3 | Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. | INTEL-SA-00115 | 5/21/2018 | 6/25/2018 |
- Disclosed by Google Project Zero: Variant 1 (Spectre), Variant 2 (Spectre), Variant 3 (Meltdown). References: INTEL-TA-201710-003, Intel Doc # 575035, CVE-2017-5715
- Unsafe opcodes exposed in Intel SPI-based products. References: PSIRT-TA-201708-001, Intel Doc # 574208