Eclypsium July 23, 2018
Debug mechanisms are standard components that assist in tracing the source of faults in virtually all platforms. They are used primarily before a platform reaches production, but also often for refurbishing and repairing returned units. Security researchers have repeatedly published attacks that rely on debug features, including locating and using JTAG, debugging over USB, and finding vulnerabilities in System Management Mode (SMM) with a debugger.
At Eclypsium, we perform security research to create practical defenses for the hardware foundation of computing infrastructure. We confirmed that debug access over USB enables installation of persistent rootkits in UEFI firmware and runtime SMM firmware on systems that do not securely set their debug policy (CVE-2018-3652). This weakness allows an attacker with physical access to the device to perform an "Evil Maid" attack without opening the case. As others have reported, this type of attack is quite difficult to defend against. To provide visibility into the threat, we have released a module for the open source CHIPSEC framework that detects vulnerable systems.
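The debug policy the post refers to is, on Intel CPUs, governed by the IA32_DEBUG_INTERFACE model-specific register (MSR 0xC80, documented in the Intel SDM Vol. 4): bit 0 enables the silicon debug features, bit 30 locks the register until the next reset, and bit 31 is a read-only sticky flag recording that debug was enabled since reset. The script below is an added illustration written for this page; it is not Eclypsium's CHIPSEC module and does not claim to reproduce that module's exact logic. It decodes the register, applies a policy that is an assumption of this example (debug must be both disabled and locked to pass), and optionally reads the live value through the Linux `msr` driver. The sample register values are constructed, not measurements from any real system.

```python
"""Decode IA32_DEBUG_INTERFACE and judge whether the platform's debug policy is locked.
Added illustrative code for this page; not the CHIPSEC debug-policy module."""
import struct

IA32_DEBUG_INTERFACE = 0xC80  # MSR address, Intel SDM Vol. 4
ENABLE = 1 << 0               # bit 0: silicon debug features are enabled
LOCK = 1 << 30                # bit 30: register is locked until the next reset
DEBUG_OCCURRED = 1 << 31      # bit 31 (read-only, sticky): debug was enabled since reset


def decode_debug_interface(value):
    """Split a raw 64-bit IA32_DEBUG_INTERFACE value into its named fields."""
    return {
        "enable": bool(value & ENABLE),
        "lock": bool(value & LOCK),
        "debug_occurred": bool(value & DEBUG_OCCURRED),
    }


def assess_debug_policy(value):
    """Return (status, reason) for a raw register value.

    Policy used here (an assumption of this example, not CHIPSEC's exact rules):
    a secure configuration has debug disabled AND the register locked. An unlocked
    register can be rewritten by any ring-0 code, so 'disabled' alone is not enough.
    """
    fields = decode_debug_interface(value)
    if fields["enable"]:
        return "FAIL", "silicon debug interface is enabled"
    if not fields["lock"]:
        return "FAIL", "debug interface is disabled but not locked; ring-0 code can enable it"
    if fields["debug_occurred"]:
        return "WARN", "disabled and locked now, but debug was enabled earlier since reset"
    return "PASS", "debug interface disabled and locked"


def read_msr(msr, cpu=0):
    """Read a 64-bit MSR via the Linux msr driver (requires root and `modprobe msr`)."""
    with open(f"/dev/cpu/{cpu}/msr", "rb", buffering=0) as fh:
        fh.seek(msr)
        return struct.unpack("<Q", fh.read(8))[0]


# Constructed sample values covering the interesting bit combinations.
SAMPLE_VALUES = {
    "debug enabled, unlocked": ENABLE,
    "debug disabled, unlocked": 0,
    "debug disabled, locked": LOCK,
    "debug enabled, locked": ENABLE | LOCK,
    "locked after debug use": LOCK | DEBUG_OCCURRED,
}


if __name__ == "__main__":
    for label, raw in SAMPLE_VALUES.items():
        status, reason = assess_debug_policy(raw)
        print(f"{label:26s} 0x{raw:016x}  {status}: {reason}")
    # Live check: only works on Linux as root with the msr module loaded.
    try:
        live = read_msr(IA32_DEBUG_INTERFACE)
        status, reason = assess_debug_policy(live)
        print(f"{'this machine (cpu 0)':26s} 0x{live:016x}  {status}: {reason}")
    except OSError as exc:
        print(f"live MSR read skipped: {exc}")
```

Run it as root on a Linux host with `modprobe msr` to see the live verdict for CPU 0; without that it still prints the verdicts for the constructed samples. A platform that reports "disabled but not locked" is the case the post is concerned with: nothing in the register itself prevents debug from being turned on later.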