EUVD-2024-16550

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Potential buffer overflow in UEFI variable handling in Phoenix SecureCore for select Intel platforms

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the Trusted Platform Module (TPM) subsystem of the Phoenix SecureCore UEFI processor software from Intel allows a hacker to execute arbitrary code.	21 Jun 202400:00	–	bdu_fstec
Circl	CVE-2024-0762	20 Jun 202416:06	–	circl
CNNVD	Phoenix SecureCore 安全漏洞	14 May 202400:00	–	cnnvd
CVE	CVE-2024-0762	14 May 202414:56	–	cve
Cvelist	CVE-2024-0762 Potential buffer overflow when handling UEFI variables	14 May 202414:56	–	cvelist
GithubExploit	exploitra	17 Apr 202611:49	–	githubexploit
NVD	CVE-2024-0762	14 May 202416:15	–	nvd
OSV	CVE-2024-0762	14 May 202416:15	–	osv
Positive Technologies	PT-2024-4256	14 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-0762	4 Feb 202523:12	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "9c745fff-2bb6-3603-b528-07bd7a50b89a",
        "vendor": {
          "name": "Phoenix"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1e6d2886-64af-306b-80f9-8222b22b46a4",
        "product": {
          "name": "SecureCore™ for Intel Ice Lake"
        },
        "product_version": "4.2.0.1 <4.2.0.323"
      },
      {
        "id": "2d5eb66d-f4cd-35f3-b4ff-60ade91f0f86",
        "product": {
          "name": "SecureCore™ for Intel Alder Lake"
        },
        "product_version": "4.4.0.1 <4.4.0.269"
      },
      {
        "id": "35a49141-62f2-3bb5-bb5e-e30b90efbb8c",
        "product": {
          "name": "SecureCore™ for Intel Coffee Lake"
        },
        "product_version": "4.1.0.1 <4.1.0.562"
      },
      {
        "id": "36332449-05fb-35d9-b93e-2f0b8a9c4604",
        "product": {
          "name": "SecureCore™ for Intel Raptor Lake"
        },
        "product_version": "4.5.0.1 <4.5.0.218"
      },
      {
        "id": "44c7c484-48ce-371e-b260-eb72e82a2999",
        "product": {
          "name": "SecureCore™ for Intel Comet Lake"
        },
        "product_version": "4.2.1.1 <4.2.1.287"
      },
      {
        "id": "e599d43b-325c-3ab1-b203-2f34f2ff3c54",
        "product": {
          "name": "SecureCore™ for Intel Kaby Lake"
        },
        "product_version": "4.0.1.1 <4.0.1.998"
      },
      {
        "id": "fb1950fc-644b-307e-8c3c-4fcdbb19fd5d",
        "product": {
          "name": "SecureCore™ for Intel Meteor Lake"
        },
        "product_version": "4.5.1.1 <4.5.1.15"
      },
      {
        "id": "fc814bbb-135d-35bf-a973-88a1bbf5e616",
        "product": {
          "name": "SecureCore™ for Intel Jasper Lake"
        },
        "product_version": "4.3.1.1 <4.3.1.184"
      },
      {
        "id": "fd11d5e3-9895-3f33-90b3-164c2409824d",
        "product": {
          "name": "SecureCore™ for Intel Tiger Lake"
        },
        "product_version": "4.3.0.1 <4.3.0.236"
      }
    ]
  }
]

Source	Link
phoenix	www.phoenix.com/security-notifications/cve-2024-0762/
eclypsium	www.eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/
news	www.news.ycombinator.com/item
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-0762
phoenixtech	www.phoenixtech.com/phoenix-security-notifications/CVE-2024-0762/

03 Oct 2025 20:07Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5 - 7.8

EPSS0.00389

SSVC