Firmware security Archives - Cyber Security Minute

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

Issued by: The Hacker News

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the “UEFIcanhazbufferoverflow” vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the…

Vulnerabilities

High-Severity UEFI Vulnerabilities Patched in Dell Enterprise Laptops

Issued by: Security Week

On March 10, Dell announced patches for five SMM vulnerabilities in the UEFI – the successor of the BIOS firmware interface – of 45 device models, including multiple Alienware, Inspiron, and Vostro laptop models. Tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421, the high-severity security bugs (CVSS score of 8.2) are described as improper input…