CVE-2024-0762
May 14, 2024, 7:18 p.m.
Tags
CVSS Score
Product(s) Impacted
Phoenix SecureCore™
- 4.0.1.1 - 4.0.1.998
- 4.1.0.1 - 4.1.0.562
- 4.2.0.1 - 4.2.0.323
- 4.2.1.1 - 4.2.1.287
- 4.3.0.1 - 4.3.0.236
- 4.3.1.1 - 4.3.1.184
- 4.4.0.1 - 4.4.0.269
- 4.5.0.1 - 4.5.0.218
- 4.5.1.1 - 4.5.1.15
Phoenix SecureCore for Intel Kaby Lake
- 4.0.1.1
- 4.0.1.998
Phoenix SecureCore for Intel Coffee Lake
- 4.1.0.1
- 4.1.0.562
Phoenix SecureCore for Intel Ice Lake
- 4.2.0.1
- 4.2.0.323
Phoenix SecureCore for Intel Comet Lake
- 4.2.1.1
- 4.2.1.287
Phoenix SecureCore for Intel Tiger Lake
- 4.3.0.1
- 4.3.0.236
Phoenix SecureCore for Intel Jasper Lake
- 4.3.1.1
- 4.3.1.184
Phoenix SecureCore for Intel Alder Lake
- 4.4.0.1
- 4.4.0.269
Phoenix SecureCore for Intel Raptor Lake
- 4.5.0.1
- 4.5.0.218
Phoenix SecureCore for Intel Meteor Lake
- 4.5.1.1
- 4.5.1.15
Description
Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix SecureCore™ for Intel Ice Lake: from 4.2.0.1 before 4.2.0.323; Phoenix SecureCore™ for Intel Comet Lake: from 4.2.1.1 before 4.2.1.287; Phoenix SecureCore™ for Intel Tiger Lake: from 4.3.0.1 before 4.3.0.236; Phoenix SecureCore™ for Intel Jasper Lake: from 4.3.1.1 before 4.3.1.184; Phoenix SecureCore™ for Intel Alder Lake: from 4.4.0.1 before 4.4.0.269; Phoenix SecureCore™ for Intel Raptor Lake: from 4.5.0.1 before 4.5.0.218; Phoenix SecureCore™ for Intel Meteor Lake: from 4.5.1.1 before 4.5.1.15.
Weaknesses
Date
Published: May 14, 2024, 4:15 p.m.
Last Modified: May 14, 2024, 7:18 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de
CVSS Data
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
Exploitability Score
Impact Score
Base Severity
HIGHCVSS Vector String
The CVSS vector string provides an in-depth view of the vulnerability metrics.
View Vector StringCVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H