CVE-2017-3198
GIGABYTE BRIX UEFI firmware is not cryptographically signed
In short
GIGABYTE BRIX firmware updates are not digitally signed and are downloaded over unencrypted HTTP, so an attacker who can alter the update in transit or at its source can modify the firmware without detection and compromise the system below the operating system, at the firmware level.
Technical detail
The UEFI firmware lacks cryptographic signature validation (CWE-345) and relies on insecure HTTP for distribution, enabling man-in-the-middle or supply-chain attackers to inject malicious firmware modifications that execute with maximum privilege during boot.
Summary generated and translated by AI from the official description.
GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected.