Secure Boot Vulnerabilities Impact Bootloaders, Systems Compromised

About Secure Boot Bugs

Bootloaders present in the majority of systems made in the last 10 years have been impacted by Secure Boot bypass vulnerabilities.

Secure Boot is a mechanism designed to protect a device's boot process from threats. Bypassing it allows an attacker to execute arbitrary code before the operating system loads.

Such a bypass allows the installation of stealthy and persistent malware. The Secure Boot vulnerabilities were found in the Eurosoft (CVE-2022-34301), New Horizon Datasys (CVE-2022-34302), and CryptoPro Secure Disk for BitLocker (CVE-2022-34303) bootloaders.

According to the company Eclypsium, the bootloaders are found in almost every device made in the past 10 years, including ARM and x86-64 devices.

How do the bugs work?

The CryptoPro Secure Disk and Eurosoft bootloaders contain signed UEFI shells, and attackers are able to bypass Secure Boot by exploiting the shells' built-in capabilities. These flaws can easily be exploited using automated startup scripts.

According to Eclypsium, the bootloader contains a built-in Secure Boot bypass that leaves Secure Boot enabled but disables its checks. This bypass can in turn enable more complex evasions, such as disabling security handlers.

In this case, an attacker would

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
