Security News
Google has started working to harden the security of Android at the firmware level, a component of the software stack that interacts directly with the various processors of a system on a chip. The plan is to expand the security in Android devices beyond the operating system, which runs on a multi-core CPU, to the other processors on the SoC for dedicated tasks like cellular communication, media processing, or security modules.
Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them. Put differently, the weaknesses are the result of a lack of asymmetric signature verifications for firmware at bootup, effectively permitting the attacker to load tainted bootloader and firmware while undermining integrity protections.
Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone 7800 and 8800 Series firmware that could be potentially exploited by a remote attacker to cause remote code execution or a denial-of-service condition. The networking equipment major said it's working on a patch to address the vulnerability, which is tracked as CVE-2022-20968 and stems from a case of insufficient input validation of received Cisco Discovery Protocol packets.
Over a dozen security flaws have been discovered in baseboard management controller firmware from Lanner that could expose operational technology and internet of things networks to remote attacks. BMC refers to a specialized service processor, a system-on-chip, that's found in server motherboards and is used for remote monitoring and management of a host system, including performing low-level system operations such as firmware flashing and power control.
PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface firmware affecting several Yoga, IdeaPad, and ThinkBook devices. "The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases: all simply from an OS," Slovak cybersecurity firm ESET explained in a series of tweets.
A number of firmware security flaws uncovered in HP's business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Firmware flaws can have serious implications as they can be abused by an adversary to achieve long-term persistence on a device in a manner that can survive reboots and evade traditional operating system-level security protections.
In this Help Net Security video, Michael Thelander, Director Product Marketing at Eclypsium, discusses how financial organizations are failing to act despite the majority experiencing a firmware-related breach. 92% of CISOs in finance believe adversaries are better equipped at weaponizing firmware than their teams are at securing it, according to Eclypsium and Vanson Bourne.
A set of six high-severity firmware vulnerabilities impacting a broad range of HP Enterprise devices is still waiting to be patched, although some of them have been publicly disclosed since July 2021. Firmware flaws are particularly dangerous because they can lead to malware infections that persist even between OS re-installations or allow long-term compromises that would not trigger standard security tools.
Firmware flaws are particularly dangerous because they can lead to malware infections that persist even between OS re-installations or allow long-term compromises that would not trigger standard security tools. As Binarly highlights in the report, even though it's been a month since they made some of the flaws public at Black Hat 2022, the vendor hasn't released security updates for all impacted models, leaving many customers exposed to attacks.