Security News > 2022 > February > Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors

Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors
2022-02-01 23:04

As many as 23 new high severity security vulnerabilities have been disclosed in different implementations of Unified Extensible Firmware Interface firmware used by numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, among others.

The vulnerabilities reside in Insyde Software's InsydeH2O UEFI firmware, according to enterprise firmware security company Binarly, with a majority of the anomalies diagnosed in the System Management Mode.

UEFI is a software specification that provides a standard programming interface connecting a computer's firmware to its operating system during the booting process.

In x86 systems, the UEFI firmware is usually stored in the flash memory chip of the motherboard.

"By exploiting these vulnerabilities, attackers can successfully install malware that survives operating system re-installations and allows the bypass of endpoint security solutions, Secure Boot, and Virtualization-Based Security isolation," the researchers said.

Worse, the weaknesses can also be chained together to bypass security features and install malware in a manner that survives operating system re-installations and achieve long-term persistence on compromised systems - as observed in the case of MoonBounce - while stealthily creating a communications channel to exfiltrate sensitive data.


News URL

https://thehackernews.com/2022/02/dozens-of-security-flaws-discovered-in.html