Lenovo
Lenovo devices running on vulnerable Insyde firmware were targeted by the BootKitty Linux UEFI bootkit exploiting the LogoFAIL flaws (CVE-2023-40238). BootKitty bypassed UEFI Secure Boot by injecting rogue certificates and exploiting vulnerabilities in UEFI image-parsing components through tampered BMP files. The bootkit was capable of disabling kernel signature verification, preloading malicious binaries, and targeting specific Ubuntu versions. Despite available security patches, many devices remained at risk. The incident served as a reminder of the dangers associated with unaddressed vulnerabilities and the importance of timely updates to safeguard devices in the field.
Source: https://securityaffairs.com/171606/malware/bootkitty-logofail-flaws.html
"id": "len001120824",
"linkid": "lenovo",
"type": "Vulnerability",
"date": "12/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"