Overview
Description
This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.
Statistics
- 1 Post
Last activity: 10 hours ago
Bluesky
oss-sec: [CVE-2025-14282] dropbear: privilege escalation via unix domain socket forwardings
Overview
- Phoenix
- SecureCore™ for Intel Kaby Lake
14 May 2024
Published
28 Jul 2025
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.39%
KEV
Description
Potential buffer overflow
in unsafe UEFI variable handling
in Phoenix SecureCore™ for select Intel platforms
This issue affects:
Phoenix
SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998;
Phoenix
SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562;
Phoenix
SecureCore™ for Intel Ice Lake: from 4.2.0.1 before 4.2.0.323;
Phoenix
SecureCore™ for Intel Comet Lake: from 4.2.1.1 before 4.2.1.287;
Phoenix
SecureCore™ for Intel Tiger Lake: from 4.3.0.1 before 4.3.0.236;
Phoenix
SecureCore™ for Intel Jasper Lake: from 4.3.1.1 before 4.3.1.184;
Phoenix
SecureCore™ for Intel Alder Lake: from 4.4.0.1 before 4.4.0.269;
Phoenix
SecureCore™ for Intel Raptor Lake: from 4.5.0.1 before 4.5.0.218;
Phoenix
SecureCore™ for Intel Meteor Lake: from 4.5.1.1 before 4.5.1.15.
Statistics
- 1 Post
Last activity: 17 hours ago
Bluesky
📌 CVE-2024-0762 (LogoFAIL): Critical UEFI Vulnerability Exposes Major Motherboard Brands to Pre-Boot Attacks https://www.cyberhub.blog/article/17008-cve-2024-0762-logofail-critical-uefi-vulnerability-exposes-major-motherboard-brands-to-pre-boot-attacks