Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability

June 20, 2024 at 09:33AM A high-severity vulnerability, CVE-2024-0762 (dubbed UEFIcanhazbufferoverflow), was found in Phoenix Technologies’ SecureCore UEFI firmware, affecting multiple Intel processors. Eclypsium discovered the security hole, warning of potential escalation of privileges and code execution. Phoenix has addressed the issue, with device manufacturers deploying patches. Lenovo is also releasing fixes for affected computers. … Read more