ASRock Forums : Gemini Lake boards (J5005, J4105) vulnera

ASRock Forums : Gemini Lake boards (J5005, J4105) vulnera https://forum.asrock.com/ Copyright (c) 2006-2013 Web Wiz Forums - All Rights Reserved. Fri, 01 May 2026 10:53:30 +0000 Wed, 08 Jul 2020 06:40:05 +0000 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 12.04 360 https://forum.asrock.com/RSS_post_feed.asp?TID=15101 <![CDATA[ASRock Forums]]> https://forum.asrock.com/forum_images/web_wiz_forums_black.png https://forum.asrock.com/ <![CDATA[Gemini Lake boards (J5005, J4105) vulnera : The Gemini Lake mainboards, e.g....]]> https://forum.asrock.com/forum_posts.asp?TID=15101&PID=77075&title=gemini-lake-boards-j5005-j4105-vulnera#77075 Author: NNEERR
Subject: 15101
Posted: 08 Jul 2020 at 6:40am

The Gemini Lake mainboards, e.g. J5005-ITX and J4105-ITX, are vulnerable!

The latest released [URL=https://www.asrock.com/mb/Intel/J5005-ITX/index.asp#BIOS]BIOS version[/URL] is 1.40 from Oct. 2018.
The TXE version is 4.0.0.1245.
The Gemini Lake mainboards are recent products, vulnerable since more than one year but ASrock doesn't release BIOS version with fixes!

Of course, they have fixes from Intel!
They have newer BIOS versions (e.g. with Intel(R) Trusted Execution Engine Version: 4.0.20.1311), but they don't release them!

If you contact the support and ask for details and release of new BIOS versions you don't get a specific/detailed answer (or your questions will just be ignored).

This is a tragedy and not acceptable!

P.S.: This official ASRock Forum is also a mess! No secure communication, not following legal requirements and decades behind state of the art.

******************************

Intel(R) CSME Version Detection Tool
Copyright(C) 2017-2020, Intel Corporation, All rights reserved.

Application Version: 3.0.7.0
Scan date: 2020-07-07 21:27:41 GMT

*** Host Computer Information ***
Name: rome
Manufacturer: To Be Filled By O.E.M.
Model: To Be Filled By O.E.M.
Processor Name: Intel(R) Pentium(R) Silver J5005 CPU @ 1.50GHz
OS Version: Linux Mint 19.3 (5.4.0-40-generic)

*** Intel(R) ME Information ***
Engine: Intel(R) Trusted Execution Engine
Version: 4.0.0.1245

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Trusted Execution Engine firmware
has a vulnerability listed in one or more of the public Security Advisories.
Contact your system manufacturer for support and remediation of this system.

For more information refer to the Intel(R) CSME Version Detection Tool User Guide
or the related Intel Security Advisory list at:
https://www.intel.com/content/www/us/en/support/articles/000031784/technologies.html]]> Wed, 08 Jul 2020 06:40:05 +0000 https://forum.asrock.com/forum_posts.asp?TID=15101&PID=77075&title=gemini-lake-boards-j5005-j4105-vulnera#77075