Cybersecurity researchers have recently uncovered a UEFI vulnerability in the Phoenix SecureCore UEFI firmware, which affects a variety of Intel Core desktop and mobile processors. This now-patched vulnerability, identified as CVE-2024-0762 with a CVSS score of 7.5, has been termed “UEFIcanhazbufferoverflow.” It involves a buffer overflow caused by an unsafe variable in the Trusted Platform Module (TPM) configuration, potentially allowing malicious code execution.
https://tuxcare.com/blog/researchers-un ... ntel-cpus/