[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] Repeat of CVE-2018-4251 in Razer Laptops
From: Bailey Fox <bfox200012 () gmail ! com>
Date: 2019-03-25 7:26:10
Message-ID: CACMZmHHXYhr-haiwo7wrz8RrYh4Z38eKO6jd8ctockoQsP733w () mail ! gmail ! com
[Download RAW message or body]
Razer has a vulnerability affecting all current laptops, where the SPI
Flash is set to full read/write and the Intel CPU is left in ME
Manufacturing Mode. This allows for attackers to safeguard rootkits with
Intel Boot Guard, downgrade the BIOS to exploit older vulnerabilities such
as Meltdown, and many other things. They have yet to look into getting a
CVE assigned, saying it isn't necessary.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic