Scientists discover UEFI security flaw impacting Intel processors

Scientists discover UEFI security flaw impacting Intel processors

Cybersecurity researchers have recently discovered a UEFI vulnerability in Phoenix SecureCore UEFI firmware that affects various Intel Core desktop and mobile processors. Dubbed “UEFIcanhazbufferoverflow,” the now-patched vulnerability, identified as CVE-2024-0762 with a CVSS score of 7.5, involves a buffer overflow caused by an unsafe variable in the Trusted Platform Module (TPM) configuration, potentially allowing the … Read more

New vulnerability in Phoenix UEFI firmware puts many Intel chips at risk, echoing worries raised by BlackLotus

New vulnerability in Phoenix UEFI firmware puts many Intel chips at risk, echoing worries raised by BlackLotus

A new vulnerability has been discovered in Intel-based devices, including those using the latest Raptor Lake platform, that could allow attackers to gain unauthorized access to PCs through UEFI firmware. The flaw, known as CVE-2024-0762, was identified by cybersecurity firm Eclypsium in the Phoenix SecureCore UEFI firmware on Lenovo ThinkPad X1 Carbon 7th Generation and … Read more

Firmware Vulnerability Impacts Multiple Intel CPU Generations – Critical UEFI Code Execution Flaw Discovered in CPUs from 14th Gen Raptor Lake to 6th Gen Skylake, No Protection from TPM

Firmware Vulnerability Impacts Multiple Intel CPU Generations – Critical UEFI Code Execution Flaw Discovered in CPUs from 14th Gen Raptor Lake to 6th Gen Skylake, No Protection from TPM

Cybersecurity firm Eclypsium has uncovered significant security vulnerabilities in the Phoenix SecureCore UEFI firmware used by various Intel CPU and motherboard vendors across different generations. These vulnerabilities, dubbed “UEFIcanhazbufferoverflow,” are due to an insecure call to the UEFI service “GetVariable,” which could lead to a stack buffer overflow and allow malicious code execution. This kind … Read more

Intel chips vulnerable to Phoenix UEFI flaw pose significant security risk

Intel chips vulnerable to Phoenix UEFI flaw pose significant security risk

A new vulnerability has been discovered in the UEFI firmware that poses a security threat to various Intel chip families, similar to past exploits like BlackLotus. Security workshop Eclypsium has disclosed the CVE-2024-0762 vulnerability to Phoenix Technologies, whose UEFI firmware is affected. This firmware is used in a wide range of Windows laptops, tablets, desktops, … Read more

Intel Processor Vulnerability Causes Buffer Overflow Flaw in UEFI, Affecting Hundreds of PCs and Servers

Intel Processor Vulnerability Causes Buffer Overflow Flaw in UEFI, Affecting Hundreds of PCs and Servers

A new vulnerability has been discovered in the Phoenix SecureCore UEFI firmware that affects multiple desktop and mobile Intel Core processors. The vulnerability, identified as CVE-2024-0762 with a severity level of 7.5, was first detected on the Lenovo ThinkPad X1 Carbon 7th Gen and SecureCore versions firmware. Known as UEFIcanhazbufferoverflow, this vulnerability has been found … Read more

‘Phoenix SecureCore UEFI Vulnerability Allows ‘UEFIcanhazbufferoverflow’ Attack on Intel Processors”

‘Phoenix SecureCore UEFI Vulnerability Allows ‘UEFIcanhazbufferoverflow’ Attack on Intel Processors”

A new vulnerability known as “UEFIcanhazbufferoverflow,” identified as CVE-2024-0762, has been discovered in the Phoenix SecureCore UEFI firmware, impacting various desktop and mobile Intel Core processors. This vulnerability, disclosed by cybersecurity researchers, exposes a critical buffer overflow issue within the Trusted Platform Module (TPM) configuration, potentially enabling unauthorized code execution by malicious actors. Eclypsium, a … Read more

Vulnerability in Phoenix UEFI affects multiple Intel PC models

Vulnerability in Phoenix UEFI affects multiple Intel PC models

A critical vulnerability has been discovered in the Phoenix SecureCore UEFI firmware, known as CVE-2024-0762, impacting devices with various Intel CPUs. Lenovo has already released firmware updates to address the flaw, which is identified as ‘UEFICANHAZBUFFEROVERFLOW’ and involves a buffer overflow bug in the firmware’s Trusted Platform Module (TPM) configuration that could allow for code … Read more

Bug in Phoenix SecureCore UEFI firmware impacts Intel processors, reports TechTarget

Bug in Phoenix SecureCore UEFI firmware impacts Intel processors, reports TechTarget

A recent study by Eclypsium has revealed a vulnerability in the Phoenix SecureCore UEFI firmware that affects various Intel processors and hundreds of computer models. This flaw, known as CVE-2024-0762 or “UEFIcanhazbufferoverflow,” has been assigned a CVSS score of 7.5 and involves an unsafe variable in the Trusted Platform Module (TPM) configuration that could potentially … Read more

Researchers Discover Security Flaw in UEFI System Impacting Various Intel Processors

Researchers Discover Security Flaw in UEFI System Impacting Various Intel Processors

Cybersecurity researchers have recently discovered a security flaw in Phoenix SecureCore UEFI Firmware that affects multiple families of Intel Core processors. This vulnerability, known as CVE-2024-0762, allows for buffer overflow that could lead to malicious code execution in the Trusted Platform Module (TPM) configuration. This flaw can be exploited by a local attacker to gain … Read more