Alex Matrosov

Name of the Vulnerable Software and Affected Versions: GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 GIGABYTE BRIX UEFI firmware for the GB-BXi7-5775 version F2 Description: The issue concerns the insecure implementation of certain features in the UEFI firmware, specifically BIOSWE, BLE, SMM BWP, and PRx. This insecurity allows for arbitrary write access to the BIOS, potentially enabling modifications to the SPI flash. Recommendations: For GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6, consider restricting access to the BIOS to prevent unauthorized modifications until a secure update is available. For GIGABYTE BRIX UEFI firmware for the GB-BXi7-5775 version F2, consider implementing additional security measures to protect the BIOS from arbitrary write access, such as secure boot mechanisms or flash protection, until a patch is released.

Name of the Vulnerable Software and Affected Versions: GIGABYTE BRIX UEFI firmware (affected versions not specified) Description: The issue concerns the lack of cryptographic validation of images prior to updating the system firmware. Furthermore, firmware updates are served over HTTP, which allows an attacker to make arbitrary modifications to firmware images without being detected. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.