A new firmware vulnerability called “LogoFAIL” has been disclosed. The flaw exists in the processing of a user-supplied splash screen during system boot. By supplying a malicious splash screen, an attacker can cause a denial of service or execute arbitrary code in the UEFI DXE phase, bypassing the Secure Boot mechanism and compromising system integrity.
The best way to protect against this vulnerability is to update your UEFI firmware to the latest version provided by your device manufacturer and to consult your vendor for specific details on patches for this vulnerability. Please refer to CVE-2023-5058 for more details.
LogoFAIL was discovered and reported by BINARLY’s efiXplorer team.