UEFI flaws allow bootkits to pwn potentially hundreds of devices using images

Exploits bypass most secure boot solutions from the biggest chip vendors


Hundreds of consumer and enterprise devices are potentially vulnerable to bootkit exploits through unsecured BIOS image parsers.

Security researchers have identified vulnerabilities in UEFI system firmware from major vendors which they say could allow attackers to hijack poorly maintained image libraries to quietly deliver malicious payloads that bypass Secure Boot, Intel Boot Guard, AMD Hardware-Validated Boot, and others.

Dubbed "LogoFAIL," the set of vulnerabilities allows attackers to use malicious image files, loaded by the firmware during the boot phase, as a means of quietly delivering payloads such as bootkits, we're told.

The vulnerabilities lie in the image parsing libraries that firmware vendors ship in their products, and most of those vendors are exposed to the flaws, according to the researchers at Binarly.

Image parsers are the firmware components that load the logo shown on screen as the machine boots: normally the device vendor's, or an employer's where work-issued machines are configured to display a custom one.

An attacker with enough privilege to write to the EFI system partition could plant a crafted image file there. The firmware parses that file during boot, and an image that exploits a parser bug can quietly install a persistent payload, such as a bootkit, without touching the signed bootloader or firmware components that Secure Boot and the vendor boot-guard mechanisms verify.
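To make the bug class concrete, here is an added illustration, not code from Binarly, any IBV, or the 2009 research: a toy BMP header parser of the sort a firmware logo loader contains, with the naive size calculation that trusts attacker-controlled header fields beside a hardened version. The BMP field offsets are the real ones; the MAX_LOGO_DIM cap, the function names, and the sample images are assumptions constructed for the demo, and nothing here is the specific LogoFAIL flaw.

```c
/* Added illustration, not Binarly's or any IBV's code: a toy BMP header
 * parser in the style of a firmware logo loader. naive_alloc_size() shows
 * the bug class (trusting header-supplied dimensions in 32-bit math);
 * safe_pixel_size() shows the checks that close it. MAX_LOGO_DIM is an assumption. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BMP_HEADER_LEN 54u   /* 14-byte file header + 40-byte BITMAPINFOHEADER */
#define MAX_LOGO_DIM 4096u   /* sane cap for a boot logo (assumption) */
typedef struct { uint32_t pixel_offset, width, height; uint16_t bpp; } BmpHdr;

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
/* Pull out the fields both decoders rely on; every one of them is attacker data. */
static int bmp_read_header(const uint8_t *buf, size_t len, BmpHdr *h) {
    if (len < BMP_HEADER_LEN || buf[0] != 'B' || buf[1] != 'M') return 0;
    h->pixel_offset = rd32(buf + 10);
    h->width  = rd32(buf + 18);
    h->height = rd32(buf + 22);
    h->bpp    = rd16(buf + 28);
    return 1;
}

/* VULNERABLE pattern: width*height*bytes_per_pixel wraps in uint32_t, so the
 * decoder allocates a tiny buffer and its row loop then writes the real amount.
 * Only the two sizes are computed here; a real decoder would corrupt the heap. */
static uint32_t naive_alloc_size(const BmpHdr *h, uint64_t *would_write) {
    uint32_t bytes_pp = h->bpp / 8;
    *would_write = (uint64_t)h->width * h->height * bytes_pp;
    return h->width * h->height * bytes_pp;   /* silent 32-bit wraparound */
}

/* HARDENED: reject anything a logo cannot legitimately be, then prove the pixel
 * data fits inside the file. Returns 0 and sets *out_size, else a negative code. */
static int safe_pixel_size(const BmpHdr *h, size_t file_len, uint64_t *out_size) {
    if (h->bpp != 24 && h->bpp != 32) return -1;                        /* unsupported depth */
    if (h->width == 0 || h->height == 0) return -2;                      /* empty image */
    if (h->width > MAX_LOGO_DIM || h->height > MAX_LOGO_DIM) return -3;  /* caps keep the multiply in range */
    if (h->pixel_offset < BMP_HEADER_LEN) return -4;                     /* pixel data overlaps header */
    uint64_t need = (uint64_t)h->width * h->height * (h->bpp / 8);
    if (need > file_len || h->pixel_offset > file_len - need) return -5; /* truncated or oversized */
    *out_size = need;
    return 0;
}

/* Outcome of running both size computations over one image. */
typedef struct { uint32_t naive_alloc; uint64_t naive_write; int safe_rc; uint64_t safe_size; } Verdict;
static Verdict check_image(const uint8_t *buf, size_t len) {
    Verdict v = {0, 0, -99, 0};
    BmpHdr h;
    if (!bmp_read_header(buf, len, &h)) return v;
    v.naive_alloc = naive_alloc_size(&h, &v.naive_write);
    v.safe_rc = safe_pixel_size(&h, len, &v.safe_size);
    return v;
}

/* Constructed sample: a well-formed 54-byte header with the given dimensions. */
static void make_header(uint8_t *buf, uint32_t w, uint32_t hgt, uint16_t bpp) {
    memset(buf, 0, BMP_HEADER_LEN);
    buf[0] = 'B'; buf[1] = 'M';
    wr32(buf + 10, BMP_HEADER_LEN);          /* pixels start right after the header */
    wr32(buf + 14, 40);                      /* BITMAPINFOHEADER size */
    wr32(buf + 18, w); wr32(buf + 22, hgt);
    wr16(buf + 26, 1); wr16(buf + 28, bpp);  /* planes, bits per pixel */
}

/* Benign 2x2 32-bpp logo: header plus 16 bytes of pixels. */
static Verdict check_benign(void) {
    uint8_t img[BMP_HEADER_LEN + 16];
    make_header(img, 2, 2, 32);
    memset(img + BMP_HEADER_LEN, 0xAA, 16);
    return check_image(img, sizeof img);
}

/* Malicious header: 65536x65536x32bpp wraps the naive size to 0 bytes while the
 * row loop would write 16 GiB. The file carries no pixel data at all. */
static Verdict check_malicious(void) {
    uint8_t img[BMP_HEADER_LEN];
    make_header(img, 0x10000, 0x10000, 32);
    return check_image(img, sizeof img);
}

/* Truncated file: plausible dimensions, but the declared pixels are missing. */
static Verdict check_truncated(void) {
    uint8_t img[BMP_HEADER_LEN];
    make_header(img, 100, 100, 32);
    return check_image(img, sizeof img);
}

int main(void) {
    Verdict b = check_benign(), m = check_malicious(), t = check_truncated();
    printf("benign:    naive alloc %u, safe rc %d, size %llu\n", b.naive_alloc, b.safe_rc, (unsigned long long)b.safe_size);
    printf("malicious: naive alloc %u vs %llu bytes written, safe rc %d; truncated: safe rc %d\n",
           m.naive_alloc, (unsigned long long)m.naive_write, m.safe_rc, t.safe_rc);
    return 0;
}
```

The point of the hardened version is that the dimension caps are applied before any multiplication, so the product can never wrap, and the result is then checked against the actual file length before a single pixel byte is trusted. A real firmware decoder would also need to treat the colour table, compression flags and row padding with the same suspicion; the snippet only covers the size calculation.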

Binarly said the discovery, which started life as a small side project but turned into a much larger, industry-wide disclosure, should be considered more dangerous than the BlackLotus bootkit from earlier this year.

"LogoFAIL differs from BlackLotus or BootHole threats because it doesn't break runtime integrity by modifying the bootloader or firmware component," said the researchers in a blog post.

"In this case, we are dealing with continued exploitation with a modified boot logo image, triggering the payload delivery in runtime, where all the integrity and security measurements happen before the firmware components are loaded."

All three of the major independent BIOS vendors – AMI, Insyde, and Phoenix – are affected by the issues, as are devices from Intel, Acer, and Lenovo.

"Hundreds of consumer and enterprise-grade devices from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable," the researchers added. 

"The exact list of affected devices is still being determined but it's crucial to note that all three major IBVs are impacted – AMI, Insyde, and Phoenix due to multiple security issues related to image parsers they are shipping as a part of their firmware."

Almost any device powered by firmware from the named vendors is thought to be affected "in one way or another," and the vulnerabilities span both x86 and Arm architectures.

The researchers will unveil the issues in greater detail next week, debuting the full research on stage at Black Hat Europe in London on December 6.

The talk will include full details of how the vulnerabilities can be exploited in what they say can be simplified into a three-step process.

Binarly claimed that the industry hasn't seen any public documentation of attacks related to image parsers since a presentation from 2009 [PDF] at Black Hat USA, work that saw Rafal Wojtczuk and Alexander Tereshkin exploiting a BMP parser bug.

Since then, the number of image parsers in firmware has grown, and they cover more file types, which in turn increases the potential attack surface, they said. ®
