DACBARBOS BrandJan 20, 2025
RT @quarkslab
Is remote code execution in UEFI firmware possible?
Yes it is.
Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers.
Full details by @fdfalcon and @4Dgifts in our new blog post: https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.

Quarkslab's blog
Show threadGabriel KerneisJan 20, 2024
@quarkslab @fdfalcon @4Dgifts L’analyse et les conseils du @CERT_FR pour protéger vos machines de #PixieFAIL : https://www.cert.ssi.gouv.fr/actualite/CERTFR-2024-ACT-004/
Multiples vulnérabilités dans les implémentations d’UEFI – CERT-FR

ottotoJan 19, 2024

#PixieFail #UEFI の欠陥により、数百万台のコンピュータが RCE、DoS、およびデータ盗難にさらされる 」: The Hacker News

「最新のコンピュータで広く使用されている Unified Extensible Firmware Interface ( UEFI )仕様のオープンソース参照実装の TCP/IP ネットワーク プロトコル スタックに、複数のセキュリティ脆弱性が明らかになりました 。

AMI、Intel、Insyde、Phoenix Technologies の UEFI ファームウェア (オペレーティング システムの起動 を担当) がこの欠点の影響を受けます。 」

https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html

#prattohome #TheHackerNews

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

Multiple vulnerabilities, known as PixieFail, have been discovered in widely used UEFI firmware, putting modern computers at risk.

The Hacker News
Show threadCory DoctorowJan 18, 2024

That badware is running in "Ring -1" - a zone of privilege that overrides the operating system itself.

Here's the bad news: UEFI malware has already been detected in the wild:

https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/

And here's the worst news: researchers have just identified *another* exploitable UEFI bug, dubbed #Pixiefail:

https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

27/

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor.

Kaspersky
securityaffairsJan 18, 2024
#PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts
https://securityaffairs.com/157683/hacking/pixiefail-uefi-vulnerabilities.html
#securityaffairs #hacking
PixieFail: Nine flaws in UEFI open-source reference implementation

Experts found multiple flaws, collectively named PixieFail, in the network protocol stack of an open-source reference implementation of the UEFI

Security Affairs
raptor Jan 18, 2024

Excellent #security research work and blog post by @quarkslab 🔥

#PixieFail: Nine #vulnerabilities in #Tianocore's EDK II #IPv6 network stack

https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

Congrats to @4Dgifts who’s #stillhacking after so many years. Inspiring 🙏

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.

Quarkslab's blog
Nathan Buuck Jan 17, 2024
#PixieFail
BoxyHQJan 17, 2024
#PixieFAIL : Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. Nine vulnerabilities that affect EDK II, the de-facto open source reference implementation of the UEFI specification and possibly all implementations derived from it. - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html #security
PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.

Quarkslab's blog
D_70WN 🌈 🏳️‍⚧️Jan 17, 2024

UEFI reference with CVEs.

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

#cve #uefi #pixiefail

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.

Quarkslab's blog
Tom KillaleaJan 16, 2024
Amazing #PixieFAIL work by @fdfalcon and @4Dgifts making EDK II — the reference implementation of UEFI — exploitable during the network boot process.
https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.

Quarkslab's blog