Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.
Tracked as CVE-2024-0762 (CVSS score: 7.5), the “UEFIcanhazbufferoverflow” vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform