{"uuid": "50c56b25-236a-431b-bf37-43c1521baf5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45230", "type": "seen", "source": "https://t.me/securixy_kz/794", "content": "\ud83e\uddda\ud83c\udffd\u200d\u2642\ufe0f\u00a0 PixieFail\u00a0: when booting over the network allows to take over billions of systems.\n\nYet another story of vulnerabilities in UEFI: supply chain vulnerabilities are not dead.\n\u00a0\nA few weeks ago, our friends at BINARLY\ud83d\udd2c \n disclosed LogoFail. When a tampered image is used during the boot of almost any computer, it could break the root of trust and take total control over the system. \n\nLet us introduce PixieFail which does the same using network booting. \n\n\ud83d\udc7e UEFI is a complex software handling (too) many features. And vulnerabilities in UEFI have high impact:\n\ud835\udfcf They might likely break the root of trust. \n\ud835\udfd0 They affect billions of devices. \n\nInstalling and configuring the operating system on tens of thousands of servers is extremely onerous without any form of automation. \n\nNetwork boot is a standard feature on enterprise computers and servers. Using network boot to load an OS image from the network at boot time is popular in data centers and high-performance computing (HPC) environments.\n\nThey all need to be provisioned with the same operating system and software configuration. Downloading and running the OS from a central set of servers (Boot servers) greatly simplifies management. \n\nUEFI allows to do that using a feature called PXE boot, also known as \u201cPixie boot\u201d.\n\n\ud83d\udca5 But what happens if there is an exploitable vulnerability during the process?\n\n\ud83d\udca5 \ud83d\udca5 And what if such vulnerability is present in the reference code that almost all vendors use in their systems?\n\nLast year, Quarkslab security researchers found 9\ufe0f\u20e3 of those vulnerabilities!\n\nThey were found in the networking stack of EDK II, an open source implementation of the UEFI specification, used by nearly all vendors of server and desktop systems. \n\nFinding such flaws in a critical piece of the firmware supply chain of billions of devices shows that we are still far away from achieving the level of trustworthiness of our computing infrastructure needed in modern times.\n\n\ud83d\ude25 Reporting and coordinating the timely release of fixes for such bugs is also a difficult (free) task. Thanks to the CERT-FR and CERT/CC to report them to all affected vendors and get them fixed.\n\nThe collection: CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45236, CVE-2023-45237.\n\n\ud83d\udcd6 Want to know more about PixieFail? Follow the white rabbit: https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html", "creation_timestamp": "2026-07-12T22:00:13.171989Z"}