Residence › Endpoint Safety

Qualcomm UEFI Flaws Expose Microsoft, Lenovo, Samsung Units to Assaults

By Eduard Kovacs on January 06, 2023

Tweet

Many gadgets made by Microsoft, Lenovo, Samsung and sure others are affected by probably critical UEFI firmware vulnerabilities in Qualcomm Snapdragon chips.

Qualcomm introduced this week the supply of patches for a dozen vulnerabilities, together with 5 connectivity- and boot-related points found by researchers at firmware safety firm Binarly.

Alex Matrosov, founder and CEO of Binarly, instructed SecurityWeek that they found a complete of 9 vulnerabilities whereas analyzing the firmware for Lenovo Thinkpad X13s laptops powered by the Qualcomm Snapdragon system-on-a-chip (SoC).

Additional evaluation revealed that whereas a number of the 9 flaws are particular to Lenovo gadgets, 5 of them impression Qualcomm reference code, which suggests the vulnerabilities are additionally current in laptops and different gadgets utilizing Snapdragon chips.

The Snapdragon CPU makes use of the Arm structure and Matrosov stated that is the primary such disclosure of UEFI firmware vulnerabilities associated to the Arm machine ecosystem.

In keeping with Binarly, the Qualcomm vulnerabilities have been confirmed to impression — along with Lenovo gadgets — Arm-based Microsoft Floor and the Home windows Dev Package 2023 (Undertaking Volterra) computer systems, in addition to Samsung merchandise.

“Primarily based on Qualcomm’s advisory, the variety of affected chipsets is very large,” Matrosov stated through e mail.

Two forms of vulnerabilities have been found — stack-based buffer overflows and out-of-bounds learn points — each associated to the DXE driver. They are often exploited by native attackers with elevated privileges, in response to Lenovo’s advisory.

Matrosov defined that three of the vulnerabilities can result in arbitrary code execution they usually have been assigned a ‘excessive severity’ score. These flaws could be exploited for a Safe Boot bypass, they usually “allow an attacker to realize persistence on a tool by gaining ample privileges to put in writing to the file system, thus permitting an attacker to cross an additional safety boundary to simplify assaults on TrustZone.”

The remaining safety holes have been rated ‘medium severity’ they usually can result in info disclosure.

Qualcomm stated patches for the vulnerabilities discovered by Binarly have been made out there to prospects in November 2022, and the corporate has inspired affected finish customers to use safety updates after they change into out there from machine makers.

Binarly plans on disclosing technical particulars in a weblog submit scheduled for January 9.

Associated: New Firmware Vulnerabilities Affecting Hundreds of thousands of Units Enable Persistent Entry

Associated: 16 Vulnerabilities Present in Firmware of HP Enterprise Units

Associated: Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

Get the Every day Briefing

• Most Current
• Most Learn

• SASE Firm Netskope Raises $401 Million
• Russian Turla Cyberspies Leveraged Different Hackers’ USB-Delivered Malware
• Person Paperwork Overwritten With Malicious Code in Current Dridex Assaults on macOS
• Ransomware Hit 200 US Gov, Training and Healthcare Organizations in 2022
• Qualcomm UEFI Flaws Expose Microsoft, Lenovo, Samsung Units to Assaults
• Rackspace Completes Investigation Into Ransomware Assault
• France Regulator Raps Apple Over App Retailer Advertisements
• Extra Political Storms for TikTok After US Authorities Ban
• Predictions 2023: Large Tech’s Coming Safety Purchasing Spree
• Zoho Urges ManageEngine Customers to Patch Critical SQL Injection Vulnerability

On the lookout for Malware in All of the Flawed Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Pc Says About You

Be in a Place to Act By way of Cyber Situational Consciousness

Report Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice Yr To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

Learn how to Establish Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Enticing

Learn how to Defend In opposition to DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

SecurityWeek Podcast

Orbit Brain

https://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.