Firmware Vulnerability in Chips Helps Hackers Take Control of Systems

A security company has found hardware vulnerabilities that, if cracked, can give hackers control over systems.

The vulnerability, disclosed by Binarly Research, allows an attacker to gain control of the system by modifying a variable in non-volatile memory, which stores data permanently, even when a system is turned off.

The modified variable will compromise the secure boot phase of a system, and an attacker can gain persistent access to compromised systems once the exploit is in place, said Alex Matrosov, the founder and CEO of Binarly, which offers open source tools to detect firmware vulnerabilities.

“Basically, the attacker can manipulate variables from the operating system level,” Matrosov said.

Firmware Vulnerability Opens the Door

Secure boot is a system deployed in most PCs and servers to ensure that devices start properly. Hackers can take control of the system if the boot process is either bypassed or under their control.

But in order to manipulate the variables, a user would need privileged access to the system. Users may need to have administrator access to Linux or Windows systems. The malicious code executes before the operating system is loaded.

“The firmware piece is important because the attacker can gain very, very interesting persistence capabilities, so they can play for the long term on the device,” Matrosov said.

The vulnerability is like leaving a door open — a hacker can gain access to system resources as and when they please when the system is switched on, Matrosov said.

The vulnerability is notable because it affects processors based on the ARM architecture, which are used in PCs, servers, and mobile devices. A number of security problems have been discovered on x86 chips from Intel and AMD, but Matrosov noted that this disclosure is an early indicator of security flaws existing in ARM chip designs.

Qualcomm Warns About Snapdragon

The problem springs from a vulnerability affecting Qualcomm’s Snapdragon chipsets, which the chip company disclosed on Jan. 5.

Qualcomm’s Snapdragon chips are used in laptops and mobile devices. The vulnerabilities could affect a wide range of those devices using Unified Extensible Firmware Interface (UEFI) firmware with Snapdragon…