Almost 800 of more than 10,000 firmware images continue to leverage cryptographic keys exposed by the PKfail vulnerability, tracked as CVE-2024-8105, months after the discovery of the issue, posing an increased risk of being subjected to UEFI bootkit malware intrusions, according to BleepingComputer.
American Megatrends keys accounted for most of the vulnerable firmware, followed by those from Insidye and Phoenix, a report from Binarly showed. "Based on our data, we found PKfail and non-production keys on medical devices, desktops, laptops, gaming consoles, enterprise servers, ATMs, POS terminals, and some weird places like voting machines," said the report, which also noted the vulnerability's impact on Minisforum, Beelink, and Hardkernel devices. Numerous vendors, including Dell, Intel, Gigabyte, Fujitsu, and Supermicro, have already issued alerts regarding the issue although not all have acted quickly to notify users about the risks of PKfail. Organizations have been urged to isolate or restrict physical access to devices unlikely to be patched for PKfail.
