ASRock.com Homepage
Forum Home Forum Home > Technical Support > HTPC&Gaming Barebone&Others
  New Posts New Posts RSS Feed - Gemini Lake boards (J5005, J4105) vulnera
  FAQ FAQ  Forum Search Search  Events   Register Register  Login Login

Gemini Lake boards (J5005, J4105) vulnera

 Post Reply Post Reply
Author
Message
NNEERR View Drop Down
Newbie
Newbie


Joined: 30 Sep 2018
Status: Offline
Points: 20
Post Options Post Options   Thanks (0) Thanks(0)   Quote NNEERR Quote  Post ReplyReply Direct Link To This Post Topic: Gemini Lake boards (J5005, J4105) vulnera
    Posted: 08 Jul 2020 at 6:40am
The Gemini Lake mainboards, e.g. J5005-ITX and J4105-ITX, are vulnerable!

The latest released [URL=https://www.asrock.com/mb/Intel/J5005-ITX/index.asp#BIOS]BIOS version[/URL] is 1.40 from Oct. 2018.
The TXE version is 4.0.0.1245.
The Gemini Lake mainboards are recent products, vulnerable since more than one year but ASrock doesn't release BIOS version with fixes!

Of course, they have fixes from Intel!
They have newer BIOS versions (e.g. with Intel(R) Trusted Execution Engine Version: 4.0.20.1311), but they don't release them!

If you contact the support and ask for details and release of new BIOS versions you don't get a specific/detailed answer (or your questions will just be ignored).

This is a tragedy and not acceptable!


P.S.: This official ASRock Forum is also a mess! No secure communication, not following legal requirements and decades behind state of the art.


******************************

Intel(R) CSME Version Detection Tool
Copyright(C) 2017-2020, Intel Corporation, All rights reserved.

Application Version: 3.0.7.0
Scan date: 2020-07-07 21:27:41 GMT

*** Host Computer Information ***
Name: rome
Manufacturer: To Be Filled By O.E.M.
Model: To Be Filled By O.E.M.
Processor Name: Intel(R) Pentium(R) Silver J5005 CPU @ 1.50GHz
OS Version: Linux Mint 19.3 (5.4.0-40-generic)

*** Intel(R) ME Information ***
Engine: Intel(R) Trusted Execution Engine
Version: 4.0.0.1245

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Trusted Execution Engine firmware
has a vulnerability listed in one or more of the public Security Advisories.
Contact your system manufacturer for support and remediation of this system.

For more information refer to the Intel(R) CSME Version Detection Tool User Guide
or the related Intel Security Advisory list at:
https://www.intel.com/content/www/us/en/support/articles/000031784/technologies.html
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.04
Copyright ©2001-2021 Web Wiz Ltd.

This page was generated in 0.469 seconds.