{"id":59750,"date":"2024-01-17T06:00:12","date_gmt":"2024-01-17T11:00:12","guid":{"rendered":"http:\/\/pappp.net\/?guid=e35ded3a59d140d3d2f8609198780ad0"},"modified":"2024-01-17T06:00:12","modified_gmt":"2024-01-17T11:00:12","slug":"new-uefi-vulnerabilities-send-firmware-devs-industry-wide-scrambling","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=59750","title":{"rendered":"New UEFI vulnerabilities send firmware devs industry wide scrambling"},"content":{"rendered":"

Source: Ars Technica<\/a><\/p>\n

Article note: The reference TianoCore EDK2 PXE implementation that everyone just checks out a copy of and ships is full of fail, and all you need to exploit it is to be able to sniff\/inject packets on the same network while PXE (netboot) is enabled in the firmware. Lovely. \nSure would be nice if there was something not as over-complicated as UEFI but still capable of passing hardware description tables (...preferably in a format not as nasty as ACPI) so we're not doing DeviceTree shit everywhere.<\/div>
\n
\n \"New\n

Enlarge<\/a> (credit: Nadezhda Kozhedub)<\/p> <\/figure>\n\n\n\n\n\n\n

<\/a><\/div>\n

UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user's network to infect connected devices with malware that runs at the firmware level.<\/p>\n

The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings. People with even minimal access to such a network—say a paying customer, a low-level employee, or an attacker who has already gained limited entry—can exploit the vulnerabilities to infect connected devices with a malicious UEFI.<\/p>\n

Short for Unified Extensible Firmware Interface<\/a>, UEFI is the low-level and complex chain of firmware responsible for booting up virtually every modern computer. By installing malicious firmware that runs prior to the loading of a main OS, UEFI infections can’t be detected or removed using standard endpoint protections. They also give unusually broad control of the infected device.<\/p><\/div>

Read 17 remaining paragraphs<\/a> | Comments<\/a><\/p>","protected":false},"excerpt":{"rendered":"

Enlarge (credit: Nadezhda Kozhedub) <\/p>\n

UEFI firmware from five of the leading suppl…<\/p>\n

Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-59750","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/59750","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=59750"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/59750\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=59750"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=59750"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=59750"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}