Phoenix UEFI flaw puts long list of Intel chips in hot seat

June 21, 2024 at 12:30PM A new UEFI firmware vulnerability (CVE-2024-0762, CVSSv3: 7.5) disclosed by Eclypsium affects Phoenix Technologies’ UEFI firmware, potentially impacting various Intel chip families back to Kaby Lake. Exploiting a Trusted Platform Module (TPM) configuration flaw, it poses a threat despite having a TPM in the device. Mitigations and patches have been … Read more

Phoenix UEFI vulnerability impacts hundreds of Intel PC models

June 20, 2024 at 05:32PM A new vulnerability, CVE-2024-0762, in Phoenix SecureCore UEFI firmware impacts devices running various Intel CPUs. Dubbed ‘UEFICANHAZBUFFEROVERFLOW,’ the flaw, discovered by Eclypsium, affects the firmware’s TPM configuration, posing a code execution risk. Lenovo has released new firmware, with the potential for hundreds of models’ impacted. Secure Boot in UEFI firmware … Read more

High-Risk Overflow Bug in Intel Chips Likely Impacts 100s of PC Models

June 20, 2024 at 05:10PM A critical vulnerability, CVE-2024-0762 “UEFIcanhazbufferoverflow,” affecting Intel processors has been detailed by Eclypsium researchers. The flaw in UEFI firmware may allow attackers to gain unauthorized access and execute malicious code. The widespread impact on various PC models running SecureCore firmware adds complexity to patching efforts, leaving organizations vulnerable until fixes … Read more

Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability

June 20, 2024 at 09:33AM A high-severity vulnerability, CVE-2024-0762 (dubbed UEFIcanhazbufferoverflow), was found in Phoenix Technologies’ SecureCore UEFI firmware, affecting multiple Intel processors. Eclypsium discovered the security hole, warning of potential escalation of privileges and code execution. Phoenix has addressed the issue, with device manufacturers deploying patches. Lenovo is also releasing fixes for affected computers. … Read more

By proceeding you understand and give your consent that your IP address and browser information might be processed by the security plugins installed on this site.
×