Security experts have identified a new vulnerability in Intel CPUs that could allow threat actors to execute malicious code on affected devices remotely. The vulnerability, known as CVE-2024-0762, is a buffer overflow bug found in the Phoenix SecureCore UEFI firmware. This bug affects various Intel CPUs, including Alder Lake, Coffee Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake, and Tiger Lake.
Cybersecurity researchers at Eclypsium discovered the vulnerability in Lenovo ThinkPad X1 Carbon 7th Generation and X1 Yoga 4th Generation devices. However, due to the widespread impact across multiple CPU models, the actual number of vulnerable devices is much higher.
Lenovo has already released firmware updates to address the vulnerability, but other manufacturers may take longer to provide patches. It is recommended for PC users to check with their device manufacturers for patch availability. The flaw was found in the System Management Mode (SMM) subsystem of the Phoenix SecureCore firmware, allowing threat actors to overwrite adjacent memory and gain elevated privileges to execute code remotely using malware like a starter kit.
The vulnerability is related to an unsafe variable in the Trusted Platform Module (TPM) configuration, leading to a buffer overflow and potential execution of malicious code. Eclypsium emphasized that the issue lies in the UEFI code handling the TPM configuration, highlighting the importance of having secure underlying code regardless of the presence of security chips like TPM.
In conclusion, the newly identified vulnerability in Intel CPUs poses a serious security risk, allowing threat actors to execute malicious code remotely on affected devices. Manufacturers are advised to promptly release firmware updates to address the issue, while users should stay informed about patch availability for their devices to mitigate the risk of exploitation. The discovery of this vulnerability underscores the importance of strong security measures in computer hardware to protect against evolving cyber threats.
Article Source
https://www.techradar.com/pro/security/this-major-firmware-flaw-is-affecting-intel-powered-pcs-across-the-world