Does the Greenbone community feed address LogoFAIL yet?
I don’t see any details on CVE-2023-5058, CVE-2023-39538, CVE-2023-39539, or CVE-2023-40238
1 Like
There are currently no tests in the Greenbone Community Feed for this.
The CVE information will arrive in the feed shortly. These vulnerabilities have just been disclosed. At the time of writing, the CVEs are still being entered into NIST’s National Vulnerability Database or are awaiting analysis:
Please note that vulnerability tests for these CVEs could be hard to implement. UEFI firmware is present on systems in the form of binary blobs, which the scanner may not be able to analyze at all. Only if the various Linux distributions address this problem, e.g. through microcode updates, can detections be written. We are dependent on the timeline of these external vendors for this. For further information see The Race to Protect from Cyber Attacks: Attack Vector Timeline.
Nevertheless, we are very aware of the topic and are following it closely.
5 Likes
Thanks Martin-
Seems like LogoFAIL is the next “bad one” and thought I may have missed something. Glad to hear that Greenbone is on it.
2 Likes
Please note that UEFI/BIOS vulnerabilities are (at least currently) generally outside of the scope of our work and not covered at all, this means it is very unlikely that these CVEs will be covered via VTs in the future (at least not in the near future).
Coverage via Microcode updates and relevant automatically generated local security checks (LSCs) is also not to be expected, to the best of my knowledge only CPU related flaws will be covered via such Microcode updates.
For now please check for your vulnerability exposure manually by checking the system(s) in question against the possible published vendor advisory of your hardware / device.
4 Likes