Input Data Manipulation Vulnerability in Phoenix SecureCore™ for Intel Processors
CVE-2024-29980

Currently unrated

Key Information:

Vendor: Phoenix Technologies
Status: Phoenix SecureCore™
Vendor: CVE Published:; 14 January 2025

🔔 Create Phoenix Technologies Vulnerability Alert

What is CVE-2024-29980?

The vulnerability in Phoenix SecureCore™ affects various Intel processor architectures, allowing for potential Input Data Manipulation. This issue arises from improper checks for unusual conditions in the firmware, potentially enabling unauthorized manipulation of input data. Affected versions include those prior to specific updates for Kaby Lake, Coffee Lake, Comet Lake, and Ice Lake processors, increasing the risk for users operating outdated firmware.

References

https://www.phoenix.com/phoenix-security-notifications/cv...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 14, 2025