Security Notifications
With experts in UEFI firmware development across the globe, the Phoenix Security Team is dedicated to establishing and fortifying trust in firmware.
Phoenix Technologies Windows Driver Vulnerability
CVE-2023-35841
Phoenix was notified about a vulnerability in a Windows kernel driver that was distributed as a part of our Phoenix Tools Subscription.
Phoenix Technologies Buffer Overflow Vulnerability on GeminiLake
CVE-2024-1598
Phoenix was notified about a vulnerability in UEFI variable interfaces in Phoenix SCT firmware code on some platforms potentially leading to a buffer overflow.
Phoenix Technologies Buffer Overflow Vulnerability in TPM Configuration
CVE-2024-0762
Phoenix was notified about an unsafe UEFI variable handling vulnerability in the TPM configuration for some platforms potentially leading to a buffer overflow.
Critical Vulnerability in Linux XZ Utils Library
CVE-2024-3094 | CISA Alert | Ubuntu Alert
On March 28th, 2024, it was discovered that a sophisticated social engineering attack introduced a backdoor in the XZ Utils library, which provides data compression and decompression services and is included in many Linux distributions.
PixieFail UEFI Flaws Expose Millions of Computers
Reference Article
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.