June 20, 2024 at 10:58AM
Cybersecurity researchers have disclosed a now-patched security flaw in Phoenix SecureCore UEFI firmware affecting multiple Intel Core processor families. Tracked as CVE-2024-0762 with a CVSS score of 7.5, the “UEFIcanhazbufferoverflow” vulnerability allowed a local attacker to execute malicious code within the firmware, impacting devices using Phoenix SecureCore firmware on select Intel processor families.
The meeting notes discuss a recently patched security flaw in the Phoenix SecureCore UEFI firmware, affecting multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 with a CVSS score of 7.5, the “UEFIcanhazbufferoverflow” vulnerability is characterized by a buffer overflow in the Trusted Platform Module (TPM) configuration, allowing a local attacker to escalate privileges and execute malicious code within the UEFI firmware during runtime. The vulnerability was addressed by Phoenix Technologies in April 2024, and updates have been released by PC maker Lenovo. The UEFI firmware is highlighted as a high-value target for threat actors, with vulnerabilities posing a severe supply chain risk and the potential for compromising modern devices. Additionally, the notes mention a similar unpatched buffer overflow flaw in HP’s implementation of UEFI and a software attack called TPM GPIO Reset.