Primary

Context

Phoenix SecureCore UEFI Variable Handling Vulnerability on Intel Processors

Vulnerability

A vulnerability exists in Phoenix SecureCore firmware for Intel Kaby Lake, Coffee Lake, Comet Lake, and Ice Lake processors. This vulnerability involves improper handling of UEFI variables, allowing for input data manipulation that could lead to unsafe memory access and a temporary denial-of-service condition.

Impact

Exploitation of this vulnerability could cause unsafe memory access, potentially leading to a temporary denial-of-service condition.

Remediation

Users are advised to update their firmware to the latest version and contact their hardware vendor to prevent potential exploitation of this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

1.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

1.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Phoenix SecureCore UEFI Variable Handling Vulnerability on Intel Processors

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating