The flaws affect Tianocore’s EDK II UEFI implementation and other major tech companies and BIOS providers, prompting a coordinated disclosure effort by CERT/CC and CERT-FR.
Dec 04, 2023NewsroomTechnology / Firmware Security The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly, “can be used by threat actors to deliver a malicious payload […]