Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Hardware
Tom’s Hardware
Technology
Christopher Harper

Firmware flaw affects numerous generations of Intel CPUs — UEFI code execution vulnerability found for Intel CPUs from 14th Gen Raptor Lake to 6th Gen Skylake CPUs, and TPM will not save you

Eclypsium graphic short-handing how the buffer overflow UEFI exploit jeopardizes nearly any system.

Using its automated binary analysis system Eclypsium Automata, Eclypsium has uncovered the existence of high-impact security vulnerabilities in Phoenix SecureCore UEFI firmware used by a wide variety of motherboard providers and Intel CPUs spanning from 14th Gen to 6th Gen—all the "Lakes" in other words. This vulnerability also extends to several other UEFI BIOS vendors, including Lenovo, Intel, Insyde, and AMI. Phoenix is the latest to join the list.

The specific Phoenix SecureCore UEFI firmware vulnerability that prompted this posting is referred to as "UEFIcanhazbufferoverflow" by Eclypsium, which is just a funny way of pointing out that this is a buffer overflow exploit. The specific method in which the "UEFIcanhazbufferoverflow" exploit works is by using an unsafe call to the "GetVariable" UEFI service.

By making unsafe calls, a stack buffer overflow can be created, allowing for arbitrary code to be executed. In the BIOS or its modern counterpart, the UEFI, even a buffer overflow allows for full-system access and control to be gained very quickly, and the consequences of that happening can be challenging to remove from a PC permanently. Sometimes, it may even be impossible without replacing the machine entirely— and that's not counting passwords and such that may become compromised and still need changing between machines.

Any potentially impacted Intel user should update their BIOS to protect from this issue as soon as possible, though not before creating backups of important files and the original BIOS just in case something goes wrong. Since exploits impacting UEFI are as close to Layer 0 as they get with PC hardware, it's essential for all parties involved to act as quickly and safely as possible.

As noted by Eclypsium, this Phoenix vulnerability was discovered in a hands-off manner by its Automata security system, which is an automated binary analysis system using the research data of Eclypsium's own researchers. While there are certainly issues with things like AI-written code and AI "generated" art, it's always nice to see cutting-edge AI and machine learning tech put toward something useful for humanity.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.