CVE-2008-3900

Name of the Vulnerable Software and Affected Versions Intel firmware version 0050.2007.0710.1559

Description The issue allows local users to obtain sensitive information, specifically pre-boot authentication passwords, by reading physical memory locations associated with the BIOS Keyboard buffer. This is possible because the passwords are stored in the buffer and not cleared after use.

Recommendations For Intel firmware version 0050.2007.0710.1559, consider disabling the pre-boot authentication feature until a patch is available to clear the BIOS Keyboard buffer after use. Restrict physical access to the system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.