CVE-2019-10636

Published Jun 4, 2019
Last updated 4 years ago
CVSS medium 4.6
Overview

Description: Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices allow reprogramming flash memory to bypass the secure boot protection mechanism.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 4.6
Impact score: 3.6
Exploitability score: 0.9
Vector string: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:C/A:N
Weaknesses

nvd@nist.gov: CWE-400
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1074:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "61C638E3-E732-4583-B86B-AF8C0AE200AF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1074_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5AB069C-8F5E-4426-BBAD-060C53C4CB03"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1079:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C90CF2E-F134-464F-BE38-12FAE12C41FF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1079_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7105B46-58D9-47E0-A3A4-AA8400889F84"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1080:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B5DCF0D8-0FEB-47D5-9C2E-7AB66BDE7219"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1080_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C632C4AB-00C5-47F0-B03F-B6B9F7967767"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1093:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4BB05BA8-DF11-4D39-80B7-6FC15CA427D5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1093_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05170A42-E4FB-45C6-BB33-F715EA0A280D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1092:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D622BAB2-ED95-4D52-A2C1-A82A8CFA80C4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1092_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EED82139-547D-4891-8280-95378B25BC27"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1095:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB34E6C2-0548-408D-A71C-74910008ECFF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1095_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F06FE115-9BF4-46EE-BAFF-9FA3F6738655"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss9174:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED901235-7E20-43AB-AD4E-3646A392612A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss9174_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20ADEB11-1460-4F33-B21E-CD87E683D984"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss9175:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "77E79F29-C3CF-4389-8BA1-F34A36335F62"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss9175_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A29FFF1-B95F-41F6-B210-F664BCF4A396"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss9187_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FE60481-C6A6-472E-90B8-AD191727EEEF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss9187:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "27122633-404E-457F-98A1-8B69A84DE8FC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss9188_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA3F3F09-26A5-4AD6-AF72-5DBE5A9E52CF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss9188:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FE82DB0D-4EAE-4724-8204-B2D843DDEB47"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss9189_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DD262DE-9D7C-41E6-BBD7-99D1115332D1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss9189:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9F370C7-4677-4DAC-8567-A5E078905308"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss9190_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C674604-4D44-483E-8DFA-6149A14BF008"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss9190:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "81FB7571-E8C7-454E-9037-88F6AE967C73"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1085_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F05FDB7C-0BE9-418A-BFCA-817A2D14ADDC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1085:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5FF16F2D-3DF1-425E-99AE-41304A6BD6EA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1087_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF4B177E-B81E-4D23-98FE-C47ABA4A6682"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1087:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5098DD45-6852-4250-AA16-D9FDBC401048"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1090_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9260A75-FD9E-46E0-9FF3-0D598243BCB2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1090:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E73C2E84-6C6D-444D-9291-3B7657514BD6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1100_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1349735-5A97-4B7A-AEE9-BEC650169B19"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2AAF77F2-F54E-42D7-BFC7-8259806ECF15"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1084_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0160DC8E-FFB6-45DD-AB61-1680A0EECC5A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1084:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9E3DA044-B80F-49AA-BDA3-8D701A8BCF37"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1088_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1D03A4B-D5ED-4D05-B76B-0F12F91967A7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1088:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D9BED584-52EA-478F-AC29-489572E16CA0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:marvell:88ss1098_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF471093-B461-4003-B5E9-73D231913439"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:marvell:88ss1098:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D0ADC821-7713-4D76-BD67-E55BF6F8BAB9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
