Medium severity6.7NVD Advisory· Published Jul 25, 2017· Updated Jun 17, 2026
CVE-2017-9457
CVE-2017-9457
Description
Intense PC Phoenix SecureCore UEFI firmware does not perform capsule signature validation before upgrading the system firmware. The absence of signature validation allows an attacker with administrator privileges to flash a modified UEFI BIOS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:o:compulab:intense_pc_firmware:*:*:*:*:*:*:*:*Range: <=cr_2.2.0.400.2
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/143481/Compulab-Intense-PC-MintBox-2-Signature-Verification.htmlnvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2017/Jul/56nvdMailing ListThird Party Advisory
- watchmysys.com/blog/2017/07/cve-2017-9457-compulab-intense-pc-lacks-firmware-validation/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.