CVE-2024-8105: A UEFI Flaw Putting Millions of Devices at Risk - #PKFail
The PKfail vulnerability, identified in the UEFI Secure Boot process, affects hundreds of device models from major vendors including HP, Lenovo, Dell, Intel, Acer, and Gigabyte. This flaw, stemming from the mishandling of cryptographic keys meant for non-production use, has been present for over 12 years and allows attackers to bypass Secure Boot protections and install UEFI malware. Researchers from Binarly and Santa Monica discovered that over 10% of firmware images analyzed used untrusted Platform Keys, leading to significant supply chain security risks. Major vendors are advised to adopt better cryptographic practices, and users are encouraged to apply firmware updates. The discovery emphasizes the critical need for improved key management policies to secure the firmware supply chain.
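The summary above says the root cause is a non-production Platform Key (PK) shipped in production firmware, so the first thing a defender wants is a way to check the PK actually enrolled on a machine. The following script is an added example, not code from the article or from Binarly: it parses the raw `PK` EFI variable in the UEFI `EFI_SIGNATURE_LIST` format, pulls out each X.509 certificate entry, and looks for the "DO NOT TRUST" / "DO NOT SHIP" text that the PKfail test keys carry in their certificate subject. The efivarfs path and the marker strings are assumptions for this example (the summary above does not list them); a constructed sample variable is embedded so the parser runs offline, and on a real Linux system `check_platform_key()` reads the live variable.

```python
import struct
import uuid
from pathlib import Path

# GUID that marks an X.509 certificate entry in an EFI_SIGNATURE_LIST (EFI_CERT_X509_GUID).
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

# Platform Key variable as exposed by Linux efivarfs (vendor GUID is EFI_GLOBAL_VARIABLE).
# Assumed path for this example; efivarfs prefixes the data with a 4-byte attribute word.
PK_EFIVAR = Path("/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c")

# Assumption: substrings found in the subject of the non-production test keys behind PKfail.
# A certificate subject is stored as a printable/UTF-8 string inside the DER, so the ASCII
# bytes appear contiguously and a raw substring search is enough for this check.
TEST_KEY_MARKERS = (b"DO NOT TRUST", b"DO NOT SHIP")


def parse_signature_lists(data: bytes):
    """Yield (signature_type, owner_guid, signature_data) for every EFI_SIGNATURE_DATA entry.

    Layout per UEFI spec: SignatureType (GUID, 16) | SignatureListSize (u32) |
    SignatureHeaderSize (u32) | SignatureSize (u32) | header | N * (owner GUID 16 + data).
    """
    off = 0
    while off + 28 <= len(data):
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 or off + list_size > len(data) or sig_size < 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST")
        body = off + 28 + hdr_size
        end = off + list_size
        while body + sig_size <= end:
            owner = uuid.UUID(bytes_le=data[body:body + 16])
            yield sig_type, owner, data[body + 16:body + sig_size]
            body += sig_size
        off = end


def find_test_key_markers(data: bytes):
    """Return [(owner_guid, marker)] for every X.509 entry whose DER contains a test-key marker."""
    hits = []
    for sig_type, owner, sig in parse_signature_lists(data):
        if sig_type != EFI_CERT_X509_GUID:
            continue  # hash entries (e.g. SHA-256 lists) cannot be a PK certificate
        for marker in TEST_KEY_MARKERS:
            if marker in sig:
                hits.append((str(owner), marker.decode()))
    return hits


def check_platform_key(path: Path = PK_EFIVAR):
    """Read the live PK variable (skipping the efivarfs attribute word) and scan it."""
    return find_test_key_markers(path.read_bytes()[4:])


def build_signature_list(sig_type: uuid.UUID, owner: uuid.UUID, sig_data: bytes) -> bytes:
    """Build a one-entry EFI_SIGNATURE_LIST (used here to construct test input)."""
    sig_size = 16 + len(sig_data)
    return (sig_type.bytes_le + struct.pack("<III", 28 + sig_size, 0, sig_size)
            + owner.bytes_le + sig_data)


# Constructed sample: a DER-looking blob whose subject carries the test-key marker.
CONSTRUCTED_TEST_PK = build_signature_list(
    EFI_CERT_X509_GUID, uuid.UUID(int=0),
    b"\x30\x82\x01\x00" + b"CN=DO NOT TRUST - Constructed Test PK" + b"\x00" * 40)

# Constructed sample: a vendor-looking certificate with no marker.
CONSTRUCTED_PRODUCTION_PK = build_signature_list(
    EFI_CERT_X509_GUID, uuid.UUID(int=0),
    b"\x30\x82\x01\x00" + b"CN=Example Vendor Production PK" + b"\x00" * 40)


if __name__ == "__main__":
    print("constructed test PK  :", find_test_key_markers(CONSTRUCTED_TEST_PK))
    print("constructed vendor PK:", find_test_key_markers(CONSTRUCTED_PRODUCTION_PK))
    if PK_EFIVAR.exists():
        hits = check_platform_key()
        print("live PK:", "non-production key markers found" if hits else "no markers found")
```

A hit means the enrolled PK is one of the test keys and the device should be treated as affected until a vendor firmware update replaces the key; no hit only rules out the known marker strings, so pair this with the vendor's advisory for the specific model.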