Home   »   News   »   Security Malfunctions Of High Risk Identified In Top Servers

Security Malfunctions Of High Risk Identified In Top Servers

News February 16th 2022

Binarly discovered not one, but more than 20 vulnerabilities in popular servers. Those were affecting unified extensible firmware interfaces (UEFI) software that allow hackers to easily bypass hardware security mechanisms.

Binarly, a well-known security firm has found more than 20,000 vulnerabilities that were hiding in BIOS, UEFI software belonging to a wide range of system vendors, like Intel, Microsoft, Lenovo, Dell, Bull Atos, Fujitsu, HPE, HP, and also Siemens.

Binarly found that all the vulnerabilities were associated with the use of InsydeH20, a framework code that is used to build motherboard unified extensible firmware interfaces (UEFI). This is an interface between a computer’s operating system and firmware.


Why Vulnerabilities were of high risk?

All these vulnerabilities are actually so dangerous, because, the UEFI/BIOS-based attacks can bypass firmware-based security mechanisms. These malfunctions include SMM all-out or privilege escalation, SMM memory corruption, and DXE memory corruption.

The damage done by these vulnerabilities is very severe.  They can cause by attackers to bypass hardware-based security features like secure boot, virtualization-based security, and also trusted platform modules (TPM). 

Initially, 23 malfunctions were disclosed by Binalry, but later found out five more, that were related to HP hardware. Binarly announced, these vulnerabilities were capable of affecting both desktop and server hardware, and thus have been reported about them to vendors and to Insyde. Fixes are still going on.

Binalry has been working closely with CERT/CC and Insyde teams for the last few months to confirm fixes of all vulnerabilities, provide additional technical details, evaluate the associated risks, and worked through the responsible disclosure process.

Binalry has now also partnered with Linux Vendor Firmware Service (LVFS) to find out other vendors and scale their services to identify more affected hardware models that are using firmware vulnerabilities detection tools, known as FwHunt.


If you enjoyed reading this news, you are surely going to cherish these too –