Print Page | Close Window

Gemini Lake boards (J5005, J4105) vulnera

Printed From: ASRock.com
Category: Technical Support
Forum Name: HTPC&Gaming Barebone&Others
Forum Description: Question about HTPC&Gaming Barebone&Others
URL: https://forum.asrock.com/forum_posts.asp?TID=15101
Printed Date: 23 Nov 2024 at 8:49pm
Software Version: Web Wiz Forums 12.04 - http://www.webwizforums.com


Topic: Gemini Lake boards (J5005, J4105) vulnera
Posted By: NNEERR
Subject: Gemini Lake boards (J5005, J4105) vulnera
Date Posted: 08 Jul 2020 at 6:40am
The Gemini Lake mainboards, e.g. J5005-ITX and J4105-ITX, are vulnerable!

The latest released [URL=https://www.asrock.com/mb/Intel/J5005-ITX/index.asp#BIOS]BIOS version[/URL] is 1.40 from Oct. 2018.
The TXE version is 4.0.0.1245.
The Gemini Lake mainboards are recent products, vulnerable since more than one year but ASrock doesn't release BIOS version with fixes!

Of course, they have fixes from Intel!
They have newer BIOS versions (e.g. with Intel(R) Trusted Execution Engine Version: 4.0.20.1311), but they don't release them!

If you contact the support and ask for details and release of new BIOS versions you don't get a specific/detailed answer (or your questions will just be ignored).

This is a tragedy and not acceptable!


P.S.: This official ASRock Forum is also a mess! No secure communication, not following legal requirements and decades behind state of the art.


******************************

Intel(R) CSME Version Detection Tool
Copyright(C) 2017-2020, Intel Corporation, All rights reserved.

Application Version: 3.0.7.0
Scan date: 2020-07-07 21:27:41 GMT

*** Host Computer Information ***
Name: rome
Manufacturer: To Be Filled By O.E.M.
Model: To Be Filled By O.E.M.
Processor Name: Intel(R) Pentium(R) Silver J5005 CPU @ 1.50GHz
OS Version: Linux Mint 19.3 (5.4.0-40-generic)

*** Intel(R) ME Information ***
Engine: Intel(R) Trusted Execution Engine
Version: 4.0.0.1245

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Trusted Execution Engine firmware
has a vulnerability listed in one or more of the public Security Advisories.
Contact your system manufacturer for support and remediation of this system.

For more information refer to the Intel(R) CSME Version Detection Tool User Guide
or the related Intel Security Advisory list at:
https://www.intel.com/content/www/us/en/support/articles/000031784/technologies.html



Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.04 - http://www.webwizforums.com
Copyright ©2001-2021 Web Wiz Ltd. - https://www.webwiz.net