Campbell, CA  |

Phoenix Technologies Logo

Phoenix Technologies Windows Driver Vulnerability

Phoenix was notified about a vulnerability in a Windows kernel driver that was distributed as a part of our Phoenix Tools Subscription. The vulnerability would have allowed a potential escalation of privilege in the system by a malicious Windows application utilizing the driver.

Tracked under CVE-2023-35841, this vulnerability affects versions of the WinFlash driver older than, and has been patched in all releases newer than

Phoenix would like to thank Takahiro Haruyama of Broadcom for their collaboration in coordinated disclosure for this vulnerability.