Security News > 2021 > March > Supermicro, Pulse Secure Respond to Trickbot's Ability to Target Firmware

Supermicro, Pulse Secure Respond to Trickbot's Ability to Target Firmware
2021-03-05 12:17

Server and storage technology giant Supermicro and secure access solutions provider Pulse Secure have issued advisories to inform users that some of their products are vulnerable to the Trickbot malware's ability to target firmware.

In early December, security researchers at Advanced Intelligence and enterprise device security firm Eclypsium revealed that Trickbot not only survived a takedown attempt, but also gained the ability to scan UEFI/BIOS firmware for vulnerabilities that would allow making modifications.

Referred to as Trickboot, the ability would enable TrickBot operators to use firmware implants and backdoors in their attacks, control the boot operations to fully control systems, or even start bricking devices, the researchers warned at the time.

"TrickBoot is a new functionality within the TrickBot malware toolset capable of discovering vulnerabilities and enabling attackers to read/write/erase the device's BIOS," Supermicro notes in an advisory published this week.

"A vulnerability in the BIOS of Pulse Secure could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must exploit the device," Pulse Secure notes in its advisory.

Patches are available for Pulse Connect Secure / Pulse Policy Secure and are pending release for Pulse One.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/dVRnmu8xB50/supermicro-pulse-secure-respond-trickbots-ability-target-firmware

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Supermicro 692 1 3 8 4 16