Global Technical Service E-mail:serversupport@inspur.com Europe Technical Service E-mail:eu@inspur.com
Security Notice - Statement on “VoltJockey” and other vulnerabilities of Intel processor
Initial Release Date:2019-12-12 14:00:44
Last Release Date:2019-12-19 09:40:43
Security Notices:

On December 10, 2019, Intel disclosed several potential security vulnerabilities. Intel processor vulnerabilities(CVE-2019-11157和CVE-2019-14607) may allow escalation of privilege, denial of service or information disclosure. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. The details of the vulnerabilities are as follows:
INTEL-SA-00289:CVE-2019-11157
Improper conditions check in voltage settings for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure via local access.
INTEL-SA-00317:CVE-2019-14607
Improper conditions check in multiple Intel Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access.
Inspur started the relevant investigation work in the first time. Inspur ISRC will update the security notice at any time. Please keep an eye on the security bulletin for this incident.

Inspur Products Affected:
CVE-2019-11157:Inspur products are not affected
CVE-2019-14607:

Impacted products BIOS Release Date
NS5488M5 Feb 2020
NS5484M5 Feb 2020
NS5482M5 Feb 2020
SN5161M5 Jan 2020
NF8480M5 Feb 2020
NX5460M5 Jan 2020
NF5288M5 Jan 2020
TS860M5 Feb 2020
NF5280M5 Feb 2020
NF5466M5 Feb 2020
NF5180M5 Feb 2020
NS5162M5 Jan 2020
NF5266M5 Jan 2020
NF5270M5 Jan 2020
NF8380M5 Jan 2020
NF8260M5 Jan 2020
NF5468M5 Jan 2020
NF5488M5 Feb 2020
NF5888M5 Feb 2020
NF5568M5 Feb 2020

Revision History:

2019-12-19 V1.1 Increase the list of affected products

2019-12-12 V1.0 INITIAL

Inspur Security Procedures:

Inspur is committed to ensuring user safety, working to resolve issues quickly when problems arise, and providing recommendations through security advisories and security notices.
If you have information about a security issue or vulnerability with Inspur products and solutions, please send an e-mail to sec@inspur.com. For details, please visit:
http://en.inspur.com/en/2402164/2458348/index.html
If you require technical support, please visit:
http://en.inspur.com/eportal/ui?pageId=2403545

Reference links:

INTEL-SA-00289:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html
INTEL-SA-00317:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html

ABOUT US

Inspur Group News Events

SUPPORT

Download Center Service & Warranty
  • E-Waste Collection Service
  • Security Bulletins
  • WHERE TO BUY

    Where to buy

    CONTACT US

    Contact Us Join Us

    FOLLOW INSPUR

    Facebook Instagram Twitter

    Copyright © 2018 Inspur. All Rights Reserved.

    inspur logo
    • Support:

      1-844-860-0011

    • Sales Inquiries:

      1-800-697-5893