A critical vulnerability, identified as CVE-2024-0762 and named 'UEFICANHAZBUFFEROVERFLOW,' has been found in Phoenix SecureCore UEFI firmware, impacting devices with various Intel CPUs. This flaw allows attackers to exploit a buffer overflow bug in the firmware's Trusted Platform Module (TPM) configuration, enabling them to execute malicious code on vulnerable devices. This vulnerability has been confirmed in firmware for multiple Intel CPU models, potentially affecting hundreds of devices from popular brands like Lenovo, Dell, Acer, and HP. The discovery highlights the value of UEFI firmware as a target for attackers, as it plays a vital role in ensuring secure boot processes. Eclypsium, the security firm that uncovered the flaw, warns that this vulnerability could be used to elevate privileges, potentially leading to the installation of bootkit malware. Lenovo has already released new firmware updates to address the issue in some models, with more updates planned for later this year.