Using its automated binary analysis system Eclypsium Automata, Eclypsium has uncovered the existence of high-impact security vulnerabilities in Phoenix SecureCore UEFI firmware used by a wide variety of motherboard providers and Intel CPUs spanning from 14th Gen to 6th Gen—all the “Lakes” in other words. This vulnerability also extends to several other UEFI BIOS vendors, including Lenovo, Intel, Insyde, and AMI. Phoenix is the latest to join the list.
The specific Phoenix SecureCore UEFI firmware vulnerability that prompted this posting is referred to as “UEFIcanhazbufferoverflow” by Eclypsium, which is just a funny way of pointing out that this is a buffer overflow exploit. The specific method in which the “UEFIcanhazbufferoverflow” exploit works is by using an unsafe call to the “GetVariable” UEFI service.
By making unsafe calls, a stack buffer overflow can be created, allowing for arbitrary code to be executed. In the BIOS or its modern counterpart, the UEFI, even a buffer overflow allows for full-system access and control to be gained very quickly, and the consequences of that happening can be challenging to remove from a PC permanently. Sometimes, it may even be impossible without replacing the machine entirely— and that’s not counting passwords and such that may become compromised and still need changing between machines.
Any potentially impacted Intel user should update their BIOS to protect from this issue as soon as possible, though not before creating backups of important files and the original BIOS just in case something goes wrong. Since exploits impacting UEFI are as close to Layer 0 as they get with PC hardware, it’s essential for all parties involved to act as quickly and safely as possible.
As noted by Eclypsium, this Phoenix vulnerability was discovered in a hands-off manner by its Automata security system, which is an automated binary analysis system using the research data of Eclypsium’s own researchers. While there are certainly issues with things like AI-written code and AI “generated” art, it’s always nice to see cutting-edge AI and machine learning tech put toward something useful for humanity.
0 Comments