CVE-2017-9457

Name of the Vulnerable Software and Affected Versions Intense PC Phoenix SecureCore UEFI firmware (affected versions not specified)

Description The issue concerns the lack of capsule signature validation in the UEFI firmware before upgrading the system firmware. This absence of validation enables an attacker with administrator privileges to flash a modified UEFI BIOS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.