Vulnerability CVE-2019-10636


Published: 2019-06-04

Description:
Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices allow reprogramming flash memory to bypass the secure boot protection mechanism.

Type:

CWE-254

(Security Features)

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:C/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
6.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Complete
None
Affected software
Marvell -> 88ss9187 firmware 
Marvell -> 88ss1074 firmware 
Marvell -> 88ss9188 firmware 
Marvell -> 88ss1079 firmware 
Marvell -> 88ss9189 firmware 
Marvell -> 88ss1080 firmware 
Marvell -> 88ss9190 firmware 
Marvell -> 88ss1084 firmware 
Marvell -> 88ss1085 firmware 
Marvell -> 88ss1087 firmware 
Marvell -> 88ss1088 firmware 
Marvell -> 88ss1090 firmware 
Marvell -> 88ss1092 firmware 
Marvell -> 88ss1093 firmware 
Marvell -> 88ss1095 firmware 
Marvell -> 88ss1098 firmware 
Marvell -> 88ss1100 firmware 
Marvell -> 88ss9174 firmware 
Marvell -> 88ss9175 firmware 

 References:
https://www.marvell.com/documents/x9g4hrszt5ls3udbe1eo/

Copyright 2024, cxsecurity.com

 

Back to Top