A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.
The vulnerability, dubbed 'UEFICANHAZBUFFEROVERFLOW,' is a buffer overflow bug in the firmware's Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on vulnerable devices.
https://www.bleepingcomputer.com/news/s ... pc-models/