Security News > 2024 > January > PixieFail flaws impact PXE network boot in enterprise systems
A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source reference implementation of the UEFI specification widely used in enterprise computers and servers.
The flaws are present in the PXE network boot process, which is crucial for provisioning operating systems in data centers and high-performance computing environments, and a standard procedure for loading OS images from the network at boot.
The PixieFail flaws were discovered by Quarkslab researchers and have already been disclosed to impacted vendors via a coordinated effort by CERT/CC and CERT-FR. PixieFail details.
PXE enables network booting, and its IPv6 implementation introduces additional protocols, increasing the attack surface.
PixieFail attacks consist of nine flaws that can be exploited locally on a network to cause denial of service, information disclosure, remote code execution, DNS cache poisoning, and network session hijacking.
CVE-2023-45237: Use of a weak pseudo-random number generator in the network stack, potentially facilitating various network attacks.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2023-45237 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Tianocore Edk2 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. | 7.5 |