Campbell, CA  |

Phoenix Technologies Logo

Phoenix becomes a CVE Numbering Authority

CAMPBELL, California, September 5, 2023 – Phoenix Technologies, a leading independent firmware supplier for PCs and computing devices, has been authorized by the CVE (Common Vulnerabilities and Exposures) program as a CVE Numbering Authority (CNA).

CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) with a mission to identify, define and catalog publicly disclosed cybersecurity vulnerabilities.

The Phoenix Security Team works directly with its cybersecurity partners to collaboratively manage and mitigate vulnerabilities in compute systems using Phoenix firmware. As a CNA, Phoenix has the ability to directly assign CVE numbers to vulnerabilities discovered in its source code, as well as vulnerabilities in third-party software discovered by the Phoenix team that are not in another CNA’s scope, and publish that information via the CVE vulnerability list.

The CVE list feeds into the U.S. National Vulnerability Database (NVD) under NIST. Information technology and cybersecurity professionals around the world rely on the NVD to ensure they are discussing the same issue and to coordinate their efforts to prioritize and address the vulnerabilities.

Jim Mortensen, Vice President of Engineering at Phoenix Technologies, said:

“Becoming a CNA partner is a further validation of our security focus and commitment which we have held for decades. Our security team has a global reputation for leading cybersecurity focus and for providing our customers with timely and detailed analysis and mitigations to protect against new and emerging threats that target computer and embedded system firmware.

“With the recent introduction of our cloud-based, firmware cybersecurity product, FirmGuard, we are uniquely positioned to provide even more detailed tracking and mitigations for newly emerging vulnerabilities and exploits. FirmGuard is currently used by dozens of managed service providers (MSPs).

“We are highly committed to detection and prevention of cyber vulnerabilities and maintain strong relationships with our cybersecurity partners to continue to enhance the security of system firmware across the industry.”

For more information contact:

Ameet Dhillon
Phoenix Technologies
Director of Marketing
[email protected]