JVNDB-2024-000090

Secure Boot bypass Vulnerability in PRIMERGY

Overview

PRIMERGY is an IA server provided by Fsas Technologies Inc. PRIMERGY contains a vulnerability in which the Secure Boot function can be bypassed. This is due to the vulnerability known as "PKfail" (CVE-2024-8105), which was publicly disclosed by Binarly.

Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
JPCERT/CC and Fsas Technologies Inc. coordinated under the Information Security Early Warning Partnership.
CVSS Severity

CVSS V3 Severity:
Base Metrics 6.4 (Medium) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
Affected Products


Fsas Technologies Inc.
  • PRIMERGY GX2460 M1 PYG2461R2T 7.803 and earlier
  • PRIMERGY GX2460 M1 PYG2461R5T 7.108 and earlier
  • PRIMERGY GX2570 M6 1.6 and earlier

Impact

The product's Secure Boot function may be bypassed, allowing a tampered operating system to be booted.
Solution

[Update the BIOS]
Update the BIOS to the latest version according to the information provided by the developer.

[Apply the workaround]
The developer recommends applying the following workaround to mitigate the impact of this vulnerability.
  • Change Platform Key

For more information, refer to the information provided by the developer.
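A way to check whether a system's current Platform Key is one of the untrusted vendor test keys behind PKfail, as an added example that is not part of this advisory or of Fsas Technologies' guidance: it parses the EFI_SIGNATURE_LIST stored in the UEFI PK variable and flags X.509 entries whose DER bytes carry the "DO NOT TRUST" subject marker that Binarly's PKfail research identified in the test keys. It assumes Linux efivarfs and, for offline use, substitutes a constructed sample for a real certificate; a hit means the PK should be replaced as the workaround above advises.

```python
import struct
import uuid
from pathlib import Path

EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
# efivarfs name is "PK-<EFI_GLOBAL_VARIABLE GUID>"; its first 4 bytes are attributes.
PK_VAR_PATH = Path("/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c")
# Subject marker of the vendor test keys identified in Binarly's PKfail research.
UNTRUSTED_MARKER = b"DO NOT TRUST"

def parse_signature_lists(data: bytes):
    """Yield (SignatureType, SignatureData) for every EFI_SIGNATURE_DATA entry
    in a chain of EFI_SIGNATURE_LIST structures (UEFI spec layout)."""
    off = 0
    while off + 28 <= len(data):
        guid_raw, list_size, hdr_size, sig_size = struct.unpack_from("<16sIII", data, off)
        end = off + list_size
        if list_size < 28 + hdr_size or end > len(data) or sig_size <= 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST at offset %d" % off)
        sig_type = uuid.UUID(bytes_le=guid_raw)
        pos = off + 28 + hdr_size
        while pos + sig_size <= end:
            # EFI_SIGNATURE_DATA = 16-byte SignatureOwner GUID + SignatureData
            yield sig_type, data[pos + 16:pos + sig_size]
            pos += sig_size
        off = end

def find_untrusted_pk(var_data: bytes):
    """Return (indexes of flagged X.509 entries, total entries). Heuristic:
    the test keys' subject CN is stored as plain ASCII inside the DER bytes."""
    flagged, total = [], 0
    for sig_type, payload in parse_signature_lists(var_data):
        if sig_type == EFI_CERT_X509_GUID and UNTRUSTED_MARKER in payload:
            flagged.append(total)
        total += 1
    return flagged, total

def build_sample_pk(cert_blob: bytes) -> bytes:
    """Constructed sample: wrap one entry in a minimal EFI_SIGNATURE_LIST."""
    owner = uuid.UUID(int=0).bytes_le  # SignatureOwner; arbitrary for the sample
    sig_size = 16 + len(cert_blob)
    header = struct.pack("<16sIII", EFI_CERT_X509_GUID.bytes_le, 28 + sig_size, 0, sig_size)
    return header + owner + cert_blob

# Constructed stand-in for DER; a real PK entry holds a full X.509 certificate.
SAMPLE_PK = build_sample_pk(b"\x30\x82\x04\x00CN=DO NOT TRUST - AMI Test PK\x00")

if __name__ == "__main__":
    data = PK_VAR_PATH.read_bytes()[4:] if PK_VAR_PATH.exists() else SAMPLE_PK
    hits, total = find_untrusted_pk(data)
    print("PK entries: %d, flagged as untrusted test key: %d" % (total, len(hits)))
```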
Vendor Information

Fsas Technologies Inc.
CWE

  1. No Mapping (CWE-Other) [IPA Evaluation]
CVE

  1. CVE-2024-8105
References

  1. JVN: JVN#49873988
  2. US-CERT Vulnerability Note: VU#455367
  3. Related document: PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem
  4. Related document: PKfail - Binarly Research Report, July 25, 2024 (PDF)
Revision History

  • [2024/09/06]
      Web page was published