Gefährliche Sicherheitslücken in UEFI-Firmware – ThinkPad BIOS Updates von Lenovo

asche · Mittwoch um 14:22

Schwartz schrieb:
UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware - Eclypsium | Supply Chain Security for the Modern Enterprise

Summary Eclypsium Automata, our automated binary analysis system, has identified a high impact vulnerability (CVE-2024-0762 with a reported CVSS of 7.5) in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The issue involves an...

eclypsium.com

Mal wieder Sicherheitslücken, diesmal im X1.

Nicht nur dort:

However, Phoenix Technologies has subsequently acknowledged that the same issue applies to multiple versions of its SecureCore firmware that runs on Intel processor families including AlderLake, CoffeeLake, CometLake, IceLake, JasperLake, KabyLake, MeteorLake, RaptorLake, RocketLake, and TigerLake.

Mornsgrans · Mittwoch um 15:59

Hier eine Übersicht der davon möglicherweise betroffenen ThinkPad-Modelle:

https://support.lenovo.com/us/en/product_security/LEN-158632#ThinkPad

Siehe auch:

https://support.lenovo.com/us/en/product_security/ps500001-lenovo-product-security-advisories

u.a. mit Link zu:

https://support.lenovo.com/us/en/product_security/LEN-158632#ThinkPad

Gefährliche Sicherheitslücken in UEFI-Firmware – ThinkPad BIOS Updates von Lenovo

asche

Member

UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware - Eclypsium | Supply Chain Security for the Modern Enterprise

Mornsgrans

Help-Desk

Werbung