Potential buffer overflow when handling UEFI variables

Vulnerability

A potential buffer overflow vulnerability exists in the unsafe handling of UEFI variables in Phoenix SecureCore™ firmware for Intel Gemini Lake platforms [1]. This issue affects SecureCore for Intel Gemini Lake from version 4.1.0.1 before 4.1.0.567 [1]. The vulnerability is present in the UEFI variable interfaces within the SCT firmware code [1].

Exploitation

An attacker with local access or the ability to influence UEFI variable inputs could potentially trigger a buffer overflow. Exploitation requires either physical access or the ability to execute code with sufficient privileges to manipulate UEFI variables during boot or runtime [1]. The specific sequence of steps to trigger the overflow has not been publicly disclosed in detail beyond the general description of unsafe variable handling.

Impact

Successful exploitation could lead to a buffer overflow, potentially resulting in privilege escalation or denial of service. The attacker might gain elevated privileges within the firmware environment or cause system instability or crash [1]. The exact CIA impact is context-dependent, but the vulnerability could compromise system integrity or availability.

Mitigation

Phoenix made mitigations for CVE-2024-1598 available in April 2024 [1]. Users should update their firmware to the latest version provided by their system manufacturer [1]. For device-specific information, contacting the hardware vendor is recommended [1]. No workarounds other than the firmware update have been published.