{"vulnerability": "CVE-2024-0762", "sightings": [{"uuid": "9dc777d5-7ce1-4e8a-aac6-bb5e1d5b57df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8454", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aDetecting vulnerabilities like CVE-2024-0762, particularly in UEFI firmware, is quite challenging due to the low-level nature \nURL\uff1ahttps://github.com/tadash10/Detect-CVE-2024-0762\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-05T03:31:27.000000Z"}, {"uuid": "141ae2c5-f1c5-47ad-9cce-8f920f0e95af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "published-proof-of-concept", "source": "Telegram/bqmX3h1Sb0rkNJoLBvn17Sco5zzr_WHCVqrjR34Uhw9vm6Y", "content": "", "creation_timestamp": "2025-08-26T09:00:05.000000Z"}, {"uuid": "d6fe15a6-f383-4eb4-a18b-f636e97b390a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-0762", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mahntjbcc32s", "content": "", "creation_timestamp": "2025-12-21T02:20:24.472733Z"}, {"uuid": "c3810e2a-6308-4b47-a63a-4432b8cd9f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "Telegram/eQJUoFMG9dz4a4kt-9gSC1gN1RV02VBLWtyle61VFgI3AeE", "content": "", "creation_timestamp": "2024-06-20T18:13:03.000000Z"}, {"uuid": "0b14599c-a2e9-4841-90a9-e15cafd22a9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/BleepingComputer/20191", "content": "\u200aPhoenix UEFI vulnerability impacts hundreds of Intel PC models\n\nA newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. [...]\n\nhttps://www.bleepingcomputer.com/news/security/phoenix-uefi-vulnerability-impacts-hundreds-of-intel-pc-models/", "creation_timestamp": "2024-06-21T01:28:42.000000Z"}, {"uuid": "9cbcacc9-5c40-4d32-8d67-ae20335c33ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/kasperskyb2b/1312", "content": "\ud83d\udc4c \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udda5 \u041a\u043e\u043d\u0433\u043b\u043e\u043c\u0435\u0440\u0430\u0442 \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u0438\u0445 APT \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u0441\u0435\u043a\u0442\u043e\u0440 \u0432 \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0439 \u0430\u0437\u0438\u0430\u0442\u0441\u043a\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0435 \u0441 \u0446\u0435\u043b\u044c\u044e \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u0439 \u0438, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0438\u0437\u0443\u0447\u0430\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0434\u0435\u0441\u0442\u0440\u0443\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439. \u0412 \u0430\u0442\u0430\u043a\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u043e \u0412\u041f\u041e Coolclient, Rainyday \u0438\u00a0 Quickheal, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u044b\u0435 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 APT Naikon, Mustang Panda, Nomad Panda/RedFoxtrot. \n\n\u0410 \u0433\u0440\u0443\u043f\u043f\u0430 Velvet Ant \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u043e\u0432\u0430\u043b\u0430 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0443\u044e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 F5 BIG-IP \u0443 \u0436\u0435\u0440\u0442\u0432\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434 \u0441\u0432\u043e\u0438 \u043d\u0443\u0436\u0434\u044b \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 C2. \u041d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430\u0445 \u0432 \u0441\u0435\u0442\u0438 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043b\u0438 PlugX. \u0412\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u2014 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041e\u0421 \u0447\u0435\u0440\u0435\u0437 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 CVE.\n\n\ud83d\udcf1 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u043f\u043e\u0432\u043e\u0440\u043e\u0442 \u0432 ransomware-\u0430\u0442\u0430\u043a\u0430\u0445: \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0435 \u0412\u041f\u041e \u0434\u043b\u044f Android \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Rafel RAT \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044e\u0442 \u043d\u0430\u00a0 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u0430\u0445, \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u044e\u0442 \u0438\u0445 \u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043e\u043f\u043b\u0430\u0442\u0443 \u0447\u0435\u0440\u0435\u0437 Telegram.\u00a0 \u041f\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043f\u043e\u0434 \u0440\u0430\u0437\u0434\u0430\u0447\u0443 \u0447\u0430\u0441\u0442\u043e \u043f\u043e\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043c\u0435\u043d\u043d\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u044b. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0442\u0430\u043a\u0442\u0438\u043a\u0443 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437\u043d\u044b\u0445 \u0433\u043f\u0443\u043f\u043f. \n\n\u0420\u0443\u0442\u043a\u0438\u0442\u044b \u043d\u0430 \u0444\u0435\u0440\u043c\u0435: \u0433\u0440\u0443\u043f\u043f\u0430 UNC3886 \u043e\u0431\u043b\u044e\u0431\u043e\u0432\u0430\u043b\u0430 \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u0435 \u0440\u0443\u0442\u043a\u0438\u0442\u044b\u00a0Reptile \u0438 Medusa, \u0447\u0442\u043e\u0431\u044b \u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u0451 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u0441 VMware ESXi. \u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0435\u0439 \u0432\u0435\u0434\u0451\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 Github, \u0446\u0435\u043b\u044c\u044e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0448\u043f\u0438\u043e\u043d\u0430\u0436. \n\n\ud83d\udfe1 \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c RaaS RansomHub \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0441\u0432\u043e\u0438\u043c \"\u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\"\u00a0 \u043c\u043e\u0434\u0443\u043b\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0444\u0435\u0440\u043c\u044b ESXi.\u00a0 \n\n\ud83d\udfe2 \u0421\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0435\u043a\u043e\u043c-\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Adobe Commerce/Magento \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0447\u0438\u0442\u0430\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0443\u0440\u043e\u0432\u043d\u044f API admin. \u0414\u043b\u044f \nCVE-2024-34102 (CVSS 9.8) \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u0444\u0438\u043a\u0441, \u043d\u043e \u0442\u0440\u0438 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437\u0435 \u0441\u0430\u0439\u0442\u043e\u0432 \u0435\u0433\u043e \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043b\u0438. \n\n\ud83d\udcbe \u0410 \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c UEFI\nPhoenix SecureCore \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u0443 \u0441\u043e\u0442\u043d\u0438 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 Acer, Dell, Lenovo\u00a0 \u0438 HP. \u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0434\u0430\u0436\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 UEFI. \u041e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f\u00a0 CVE-2024-0762 (CVSS 7.5) \u043f\u043e\u043a\u0430 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u0442\u043e\u043b\u044c\u043a\u043e Lenovo. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-06-24T14:58:52.000000Z"}, {"uuid": "f4dd111a-307d-478a-9bb3-09d7a1dff4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "Telegram/9pVzPKMgn-evWxkWwqKTuonRe54JqROcmopep7y-rGcRow", "content": "", "creation_timestamp": "2024-06-20T20:10:55.000000Z"}, {"uuid": "2dab0cba-e002-4c11-84f7-c6405a45b959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "Telegram/lQ5SOKOpQpn5_TsnaVWkOoaBh7uN7wdojnaYTRQi0ugRw2kq", "content": "", "creation_timestamp": "2024-06-30T10:59:53.000000Z"}, {"uuid": "8155aa58-f816-44b5-8a9d-8c8b219d7cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "Telegram/_iFmxJ6f0827YddpJyPp42JewDeJ7Mf1-NSF1GB-a-dIXJZ0", "content": "", "creation_timestamp": "2024-06-26T11:28:08.000000Z"}, {"uuid": "9264bdbd-8fec-4c4c-ab62-418ce55ed782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/3358", "content": "\u200aUEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models\n\nhttps://securityaffairs.com/164771/hacking/phoenix-securecore-uefi-firmware-cve-2024-0762.html", "creation_timestamp": "2024-06-22T16:29:15.000000Z"}, {"uuid": "ec2d0f50-65ea-486e-ad8b-5948b46a900e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/12472", "content": "The Hacker News\nResearchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs\n\nCybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.\nTracked as CVE-2024-0762 (CVSS score: 7.5), the \"UEFIcanhazbufferoverflow\" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform", "creation_timestamp": "2024-06-20T20:09:08.000000Z"}, {"uuid": "3ee81b4b-cc91-491e-a8e9-2c8dfe656c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "Telegram/YR_1C4waZb0l3rXY6oJH-4KLTpABzTz5siehNZ5DQO1UPA", "content": "", "creation_timestamp": "2024-06-20T17:37:50.000000Z"}, {"uuid": "357d5b03-9f2f-4214-8a1a-05a817c02d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "Telegram/pU4O7s8b76COyo7DeT9qd7DOAI7ilNfbjfBf1PCZ366WWEs", "content": "", "creation_timestamp": "2024-06-21T14:00:13.000000Z"}, {"uuid": "82e1e46e-02ac-4e41-868b-d30ec5ad689a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2465", "content": "The Hacker News\nResearchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs\n\nCybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.\nTracked as CVE-2024-0762 (CVSS score: 7.5), the \"UEFIcanhazbufferoverflow\" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform", "creation_timestamp": "2024-06-20T20:09:08.000000Z"}, {"uuid": "9aec5b5c-37b1-43e1-9405-eb44a682d37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/KomunitiSiber/2138", "content": "Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs\nhttps://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html\n\nCybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.\nTracked as CVE-2024-0762 (CVSS score: 7.5), the \"UEFIcanhazbufferoverflow\" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform", "creation_timestamp": "2024-06-20T18:09:05.000000Z"}, {"uuid": "fb65197c-77dc-45b5-bff1-0750220b3f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/xakep_ru/15994", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Phoenix UEFI \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u043c\u0438 Intel\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Phoenix SecureCore UEFI, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-0762 \u0438 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 UEFIcanhazbufferoverflow, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043e\u0442\u043d\u0438 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 Intel.\n\nhttps://xakep.ru/2024/06/21/phoenix-uefi-bug/", "creation_timestamp": "2024-06-21T12:36:12.000000Z"}, {"uuid": "62c451bf-c29b-4b78-a394-4cdee96a15b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/information_security_channel/52404", "content": "Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability\nhttps://www.securityweek.com/hundreds-of-pc-server-models-possibly-affected-by-serious-phoenix-uefi-vulnerability/\n\nHundreds of PC and server models may be affected by CVE-2024-0762, a privilege escalation and code execution flaw in Phoenix SecureCore UEFI firmware.\nThe post Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability (https://www.securityweek.com/hundreds-of-pc-server-models-possibly-affected-by-serious-phoenix-uefi-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-06-20T16:06:41.000000Z"}, {"uuid": "35988b7c-8e69-4533-b611-abe47bda820a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/thehackernews/5147", "content": "Researchers uncover 'UEFIcanhazbufferoverflow' (CVE-2024-0762), a security flaw in Phoenix SecureCore UEFI firmware affecting multiple #Intel processor families. \n \nLearn more: https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html", "creation_timestamp": "2024-06-20T16:25:34.000000Z"}, {"uuid": "3293a781-0f15-4b3d-81be-e787071c553e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/true_secator/5879", "content": "\u0421\u043e\u0442\u043d\u0438 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u041f\u041a \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Lenovo, Acer, Dell \u0438 HP \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b CVE-2024-0762, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 SecureCore UEFI \u043e\u0442 Phoenix Technologies.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 7,5, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 UEFIcanhazbufferoverflow, \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Eclypsium \u0438 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u043c\u043e\u0434\u0443\u043b\u044f TPM.\n\n\u0422\u0430\u043a\u043e\u0439 \u0442\u0438\u043f \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0438\u043f\u0438\u0447\u0435\u043d \u0434\u043b\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440,\u00a0BlackLotus), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0441\u0435 \u0447\u0430\u0449\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043b\u043b\u044e\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u043d\u044b\u0435 \u0447\u0435\u0440\u0442\u044b \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0430\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a - \u0441\u0438\u043b\u044c\u043d\u043e\u0435 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0438 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u043e\u0445\u0432\u0430\u0442.\n\n\u0412\u0435\u0434\u044c, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432 Eclypsium, \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0430 UEFI - \u044d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0446\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u0434\u043e\u0432 \u043d\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0438 \u043b\u044e\u0431\u0430\u044f \u0435\u0433\u043e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u0434\u0430\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0438 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u0441\u0442\u0432\u043e \u0440\u0430\u0431\u043e\u0442\u044b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 Phoenix SecureCore, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0443\u044e \u043d\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 Intel, \u0432\u043a\u043b\u044e\u0447\u0430\u044f AlderLake, CoffeeLake, CometLake, IceLake, JasperLake, KabyLake, MeteorLake, RaptorLake, RocketLake \u0438 TigerLake.\n\n\u041f\u043e\u0441\u043b\u0435 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 Phoenix Technologies \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2024 \u0433\u043e\u0434\u0430, \u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0447\u0430\u043b\u0438 \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b.\u00a0\n\nLenovo \u043f\u0440\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043c\u0430\u0435, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0441\u0432\u043e\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438. \n\n\u041e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u044d\u0442\u0438\u043c \u043b\u0435\u0442\u043e\u043c.", "creation_timestamp": "2024-06-20T17:06:21.000000Z"}, {"uuid": "403c7f2a-f93b-442c-afe6-9d488efa46d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-0762", "type": "seen", "source": "https://t.me/sysodmins/22324", "content": "\u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0438 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 Phoenix SecureCore UEFI\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 Intel.\n\nEclypsium \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-0762 (CVSS 7,5) \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 Phoenix SecureCore UEFI. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 SecureCore \u0434\u043b\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 Intel, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Alder Lake, Coffee Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake \u0438 Tiger Lake.\n\n\u0421\u0443\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u043e\u0448\u0438\u0431\u043a\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 Trusted Platform Module (TPM), \u0447\u0442\u043e \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0443\u0441\u043a\u043e\u0440\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 UEFI \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0440\u0430\u0431\u043e\u0442\u044b.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2024-06-24T03:35:35.000000Z"}]}