PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
18 January 2024
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.
Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to