A series of high-severity cybersecurity vulnerabilities have been uncovered across a range of devices and software. Notable among these are flaws in Bosch thermostats and smart nutrunners, as well as in UEFI firmware, which is used by billions of computers worldwide. The vulnerabilities, collectively known as PixieFAIL, consist of nine issues in the IPv6 stack of EDK II, the open source UEFI implementation. These flaws have prompted firmware developers across the ecosystem to take action. Additionally, a security flaw has been identified in Apple Silicon that affects the iPhone 12 and M2 MacBook Air. Researchers have detailed the PixieFAIL vulnerabilities, highlighting the risk of malware infection on devices from five of the top suppliers. A separate vulnerability in the Magic Keyboard has been found to allow the takeover of iOS, Android, Linux, and MacOS devices. Millions of iPhones and MacBooks are reported to have this security flaw, with no immediate remedy available to users.
Major security flaws found in popular UEFI firmware impact top tech companies https://t.co/LdosoaVOsx
Millions of iPhones and MacBooks have this security flaw, and there's nothing you can do https://t.co/wCtkFwjmrl
PixieFail, The Brand New UEFI Infection To Worry About https://t.co/NEQfVVa3sO
Magic Keyboard vulnerability allows takeover of iOS, Android, Linux, and MacOS devices https://t.co/hjNBZSheXN
Researchers detail PixieFail, a set of nine vulnerabilities in UEFI firmware from five of the top suppliers that helps hackers infect devices with malware (@dangoodin001 / Ars Technica) https://t.co/XsZekU5222 📫 Subscribe: https://t.co/OyWeKSRpIM https://t.co/hvzupx6Hh6
Apple Silicon Security Flaw Discovered in iPhone 12 and M2 MacBook Air https://t.co/Tdohlt2QNa https://t.co/NITSyUIVOM
New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling https://t.co/ISS0d1kzuG
Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: https://t.co/g4Bg2GK4Y8 https://t.co/s1e4jreAsP
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners #cybersecurity https://t.co/t2a8kSMPRo