-1
UEFI firmware is a valuable target

UEFI firmware is a valuable target

6 months ago
Anonymous $6hYC3Wwiad

https://www.bleepingcomputer.com/news/security/phoenix-uefi-vulnerability-impacts-hundreds-of-intel-pc-models/

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.

The vulnerability, dubbed 'UEFICANHAZBUFFEROVERFLOW,' is a buffer overflow bug in the firmware's Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on vulnerable devices.