Security Notifications
With experts in UEFI firmware development across the globe, the Phoenix Security Team is dedicated to establishing and fortifying trust in firmware.
Critical Vulnerability in Linux XZ Utils Library
CVE-2024-3094 | CISA Alert | Ubuntu Alert
On March 28th, 2024, it was discovered that a sophisticated social engineering attack introduced a backdoor in the XZ Utils library, which provides data compression and decompression services and is included in many Linux distributions.
PixieFail UEFI Flaws Expose Millions of Computers
Reference Article
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.
Phoenix Technologies LogoFAIL Vulnerability
CVE-2023-5058
Phoenix Technologies has been informed of a serious flaw in Phoenix SecureCore™ Technology™ 4, which is a BIOS firmware that provides advanced security features for various devices.
Phoenix Technologies SPI SMM Driver Vulnerability
Phoenix Technologies has been notified by IOActive researchers of a security issue in its SecureCore Technology SPI SMM Driver that could allow unauthorized access to the SPI flash on some platforms.
High Severity Vulnerability in HP PC BIOS
HP discovered a potential vulnerability in the BIOS of certain HP PC products that use AMI UEFI Firmware.