Vulnerabilities (CVE)

Filtered by vendor Compulab Subscribe
Filtered by product Intense Pc
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-9457 1 Compulab 2 Intense Pc, Intense Pc Firmware 2024-02-04 7.2 HIGH 6.7 MEDIUM
Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.
CVE-2017-8083 1 Compulab 4 Intense Pc, Intense Pc Firmware, Mintbox 2 and 1 more 2024-02-04 7.2 HIGH 6.7 MEDIUM
CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf protection mechanism for write protection of flash memory regions, which allows local users to install a firmware rootkit by leveraging administrative privileges.