Black Hat 2018: Update Mechanisms Allow Remote Attacks on UEFI Firmware

The glitch stems from a functionality intended to allow updates to the UEFI firmware.

LAS VEGAS – Researchers said they found buffer overflow flaws in the firmware for ASRock and ASUS, potentially enabling bad actors to remotely launch man-in-the-middle (MITM) attacks.

The findings, which will be presented Wednesday at Black Hat USA this week by researchers from Eclypsium, show that ASRock and ASUS firmware contain flaws in their update mechanisms: Specifically, the problem exists in the Unified Extensible Firmware Interface (UEFI), a specification defining the software interface between the OS and the platform firmware.

“The remote aspect is really important, it’s the first time someone publicly disclosed the exploit against UEFI remotely,” Yuriy Bulygin, CEO and founder of Eclypsium, told Threatpost. “While a lot of research so far require malicious code running on the box, we’ve discovered that these vulnerabilities in networks can now be exploited remotely.”

UEFI has slowly come to replace BIOS, or Basic Input-Output System (Intel has announced plans to completely replace BIOS with UEFI on all chipsets by 2020). While both BIOS and UEFI start when users boot up their PCs (before the OS boots up), UEFI supports faster boot times and larger hard drives. One of these features, which vendors like ASUS, ASRock and HP support, is the ability for vendors to automatically update.

However, Bulygin explained that when the update mechanism is used in the ASUS and ASRock systems, it configures the network using dynamic host configuration protocol and then makes a plain HTTP request to a remote server to check if a newer version of the UEFI BIOS firmware is available than the version currently running in the system. Thus, there’s no SSL protection nor verification that it’s actually talking to the correct remote server.

“If we are able to intercept this request via MITM or otherwise redirect the request to our server (e.g. DNS/ARP/route poisoning, etc), we can modify the response returned to the client and exploit the vulnerability,” the researchers said.

The code from both vendors that parses these responses from the remote server isn’t correctly verifying the sizes of certain embedded fields in the documents, which result in buffer overflows and arbitrary code execution just by checking if a newer version of firmware exists.

Hardware firmware protections are not enabled yet, and researchers said they could write persistent malware to the SPI flash, which will run every time the system is booted afterwards.

Because the code is highly privileged and running before the OS loads, researchers said bad actors could exploit it to do an array of things: including using the NTFS EFI driver to implant malware into the operating system; using the same driver to exfiltrate files stolen off of the hard drive or encrypt them with ransomware; and installing an SMM rootkit and then letting the operating system load normally to attack other assets.

Researchers said that both ASRock and ASUS were notified of the glitch. While ASRock has deleted its update mechanism, ASUS has yet to offer mitigations.

The flaw also shows the risks of firmware glitches – a theme which Bulygin said would be closely watched at this year’s Black Hat conference.

“It highlights that we tend to spend a lot of time on securing software and looking for vulnerabilities on software, but so much firmware has little visibility on what’s going on there from the malware perspective,” he said. “There’s this gap across the industry that we need to be closing and paying more attention to.”

Suggested articles