-1
UEFI firmware is a valuable target

UEFI firmware is a valuable target

5 months ago
Anonymous $6hYC3Wwiad

https://www.bleepingcomputer.com/news/security/phoenix-uefi-vulnerability-impacts-hundreds-of-intel-pc-models/

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.

The vulnerability, dubbed 'UEFICANHAZBUFFEROVERFLOW,' is a buffer overflow bug in the firmware's Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on vulnerable devices.

UEFI firmware is a valuable target

Thu Jun 20, 10:24pm UTC
https://www.bleepingcomputer.com/news/security/phoenix-uefi-vulnerability-impacts-hundreds-of-intel-pc-models/ > A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. > The vulnerability, dubbed 'UEFICANHAZBUFFEROVERFLOW,' is a buffer overflow bug in the firmware's Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on vulnerable devices.