The CVE-2024-0762 vulnerability was found within the Phoenix SecureCore UEFI firmware by cybersecurity consultants at Eclypsium on Lenovo ThinkPad X1 Carbon seventh era and X1 Yoga 4th era laptops. Additional examination confirmed that it impacts machines operating a variety of Intel processors, together with Alder Lake, Espresso Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake and Tiger Lake – could also be affected PCs made by Lenovo, Dell, Acer and HP. The vulnerability is because of a buffer overflow error within the Trusted Platform Module (TPM) configuration, which permits attackers to escalate privileges and execute code in UEFI. The presence of TPM itself shouldn’t be needed to use the vulnerability.
UEFI firmware is taken into account safer because of the Safe Boot function, which is supported by fashionable working techniques, together with Home windows, macOS and Linux. However, making the most of errors in its implementation, hackers create bootkits similar to BlackLotus, CosmicStrand and MosaicAggressor – they’re triggered within the early phases of UEFI boot and supply potential attackers with low-level entry to the system, which is extraordinarily troublesome to detect.
Lenovo has begun releasing firmware updates for affected gadgets. Whereas updates will not be obtainable for all fashions, the corporate hopes to cowl a major a part of the vary by the tip of the yr. Phoenix Applied sciences stated it closed the vulnerability in April and made details about it public in Could.
#Tens of millions #PCs #Intel #chips #threat #hacking
2024-06-25 21:23:16