We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Phoenix UEFI Flaw Impacts Hundreds of Intel PC Models

Phoenix UEFI Flaw Impacts Hundreds of Intel PC Models
Author Image Husain Parvez
Husain Parvez Published on 24th June 2024 Cybersecurity Researcher

A significant vulnerability in Phoenix SecureCore UEFI firmware has been discovered, affecting hundreds of Intel PC and server models. The flaw, identified as CVE-2024-0762 and holding a CVSS score of 7.5, was uncovered by Eclypsium's automated binary analysis system.

This high-impact vulnerability involves an unsafe variable in the Trusted Platform Module (TPM) configuration that can lead to a buffer overflow and malicious code execution. "To be clear, this vulnerability lies in the UEFI code handling TPM configuration — in other words, it doesn’t matter if you have a security chip like a TPM if the underlying code is flawed," warns Eclypsium.

The affected Intel processors span multiple generations, including Alder Lake, Coffee Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake, and Tiger Lake.

Initially, the issue was identified in Lenovo's ThinkPad X1 Carbon 7th Gen and X1 Yoga 4th Gen, but it has since been confirmed that the vulnerability may impact a wide range of vendors, including Dell, Acer, and HP.

The bug was found in the System Management Mode (SMM) subsystem of the Phoenix SecureCore firmware, a critical part of the firmware that runs with high privileges.

Phoenix Technologies has addressed the vulnerability, and manufacturers such as Lenovo have started deploying the necessary updates. Lenovo's advisory, published in May, details the affected models and the availability of firmware updates, with some fixes scheduled for release later this year.

The Register emphasized the severity of UEFI vulnerabilities, noting that they often allow attackers to operate within the lowest and most privileged levels of a system, establishing persistent backdoors that are very difficult to detect. Previous UEFI flaws allowed for the notorious BlackLotus, CosmicStrand, and MosaicRegressor malware.

Users are strongly advised to update their PC firmware to the latest version and consult their hardware vendors to prevent potential exploitation.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address