Security News > 2020 > February > Peripherals With Unsigned Firmware Expose Windows, Linux Computers to Attacks

Peripherals With Unsigned Firmware Expose Windows, Linux Computers to Attacks
2020-02-18 12:24

Peripheral devices with unsigned firmware can expose Windows and Linux machines to attacks, allowing hackers to install stealthy and persistent malware, steal valuable information, or take control of a computer.

Researchers at firmware security company Eclypsium have discovered that many peripheral device manufacturers have not implemented checks to ensure that the firmware running on their products comes from a trusted source.

Attacks can be launched against both Windows and Linux computers, including laptops and servers.

Eclypsium has identified insecure firmware on touchpad and TrackPoint firmware used in Lenovo laptops, the HP Wide Vision FHD camera on an HP laptop, the WiFi adapter on a Dell XPS laptop, and a VLI USB hub.

Installing malicious firmware on these types of devices can often be done by abusing legitimate firmware update tools.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/D68jSNZWvhw/peripherals-unsigned-firmware-expose-windows-linux-computers-attacks

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232