PT-2018-7184 · Unknown · Consumer Notebooks

Published

2018-10-03

Updated

2019-10-03

CVE-2017-2751

CVSS v3.1

4.6

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Consumer notebooks with firmware F.22

Description: A BIOS password extraction issue has been reported, where the BIOS password was stored in CMOS in a way that allowed it to be extracted. This issue affects certain consumer notebooks launched in early 2014.

Recommendations: For consumer notebooks with firmware F.22, consider changing the BIOS password to a new, secure one to minimize potential risks. Additionally, restrict physical access to the notebooks to prevent unauthorized extraction of the BIOS password.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2017-2751

Affected Products

Consumer Notebooks

PT-2018-7184 · Unknown · Consumer Notebooks

CVE-2017-2751

Weakness Enumeration

Related Identifiers

Affected Products

References · 3