Security Notifications
With experts in UEFI firmware development across the globe, the Phoenix Security Team is dedicated to establishing and fortifying trust in firmware.
The BlackLotus Campaign
Microsoft Incident Report | CVE-2022-21894
In April 2023, cybersecurity researchers at Microsoft identified a dangerous UEFI bootkit (CVE-2022-21894), dubbed “BlackLotus”. It operates at computer startup, compromising systems and disabling OS security mechanisms.
High Severity Vulnerability in Acer Aspire E5-475G BIOS
A stack overflow vulnerability has been found in the BIOS firmware of Aspire E5-475G laptops, which can allow local attackers to execute arbitrary code and gain escalated privileges during the boot process.
CosmicStrand: The Discovery of a Sophisticated UEFI Firmware Rootkit
Reference Article
CosmicStrand appears to be the work of an unknown Chinese-speaking threat actor.
MoonBounce: Chinese Group Deploys MoonBounce Implant in UEFI Firmware
The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware.
High Severity Vulnerability in Dell BIOSConnect
A buffer overflow vulnerability has been identified in the Dell BIOSConnect feature, which allows users to update their BIOS firmware from the cloud.