Intel processors are once again at the mercy of a new vulnerability. The bug concerns multiple CPU architectures, making it even more dangerous.
Security experts have recently discovered a new vulnerability on Intel CPUs, opening the door for bad actors to run malicious code. Even worse, criminals can apparently execute the attack remotely which increases risks. This vulnerability uses buffer overflow, which consists of feeding more inputs than the buffer can store, causing overwriting of adjacent memory areas that could store other programs’ data. This way, the attacker could technically point to a malicious payload to gain control over the program.
The vulnerability now carries a CVE-2024-0762 designation, and it concerns multiple CPU generations. The affected chip architectures include Alder Lake, Coffee Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake, and Tiger Lake. In other words, the best CPUs from Intel’s 7th generation all the way back in 2016 through to 13th Gen, including mobile models.
Cybersecurity researchers from Eclypsium discovered the flaw, first finding it on Lenovo ThinkPad X1 Carbon 7th Gen and X1 Yoga 4th Gen devices. The bug is baked into Phoenix SecureCore UEFI firmware, and was dubbed ‘UEFICANHAZBUFFEROVERFLOW’. Catchy.
“The issue involves an unsafe variable in the Trusted Platform Module (TPM) configuration that could lead to a buffer overflow and potential malicious code execution,” said Eclypsium. “To be clear, this vulnerability lies in the UEFI code handling TPM configuration – in other words, it doesn’t matter if you have a security chip like a TPM if the underlying code is flawed.”
BleepingComputer said that Lenovo has already released firmware updates to fix the vulnerability in over 150 different models. Unfortunately, this would only resolve the issue for its products, leaving products from other brands open to attacks until they get their updates. That said, if Lenovo was fast to react, others should be able to do the same, so check your brand’s website for new updates.