Endpoint Security
,
Hardware / Chip-level Security
UEFI Developer Leaked a Secure Boot Asymmetric Key
Hundreds of laptop and server models from mainstream manufacturers are at risk of hacking that bypasses protections meant to ensure only trusted software can load during computer bootup, warn researchers from California supply chain startup Binarly.
See Also: OnDemand | Protecting Devices and Software from Next-Generation Cyberthreats
The Los Angeles company in a Thursday report detailed a string of supply chain errors undermining Secure Boot protections embedded in motherboards developed with kits made by American Megatrends International. It calls the vulnerability PKfail.
Malware loaded during bootup allows hackers to evade detection by antivirus applications and survive operating system reinstalls. A consortium of hardware manufacturers and operating systems developers control the Unified Extensible Firmware Interface bootup standard – which contains specifications known as Secure Boot meant to ensure that only trusted software can load before the operating system takes over.
Researchers and hackers have stepped up probes into the standard and its implementations and increasingly have found vulnerabilities within the difficult-to-patch layer of computing (see: LogoFAIL Bootup Flaw Puts Hundreds of Devices at Risk).
The U.S. federal government last August urged computer manufacturers to improve UEFI security, suggesting that systems owners be able to audit and manage UEFI components as they do other computer software (see: US CISA Urges Improvements to Key Computer Component).
The flaw identified by Binarly stems from an AMI cryptography key published – apparently mistakenly – on a GitHub repository in December 2022. The key was encrypted, but it was protected by a four-character password, making its decryption trivially easy.
Secure Boot depends on asymmetric encryption. A chain of cryptographic keys leads to databases the UEFI protocol uses to verify trusted bootup components and check that components aren’t on a blacklist. At the root of the process is the “platform key,” the public-private key that starts the chain of trust. That’s the key that leaked in 2022. It’s identifiable by its serial number, 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
.
Any hacker with access to the key pair – and privileged access to a computer – could use that key to poison the signature databases for trusted and untrusted software allowed to power on during bootup. Binarly identified more than 200 affected devices, including products made by Acer, Dell, Gigabyte, Intel, Lenovo and Supermicro. Both x86 and ARM devices are affected by PKFail.
The manufacturers aren’t entirely blameless, since the leaked AMI platform key is labeled “do not trust” or “do not ship” in the expectation that device vendors will substitute the root key with their own asymmetric key pair.
Information Security Media Group attempted to contact AMI but didn’t hear back. In a Thursday blog post, AMI executive Stefano Righi said the company will continue to furbish “test” platform keys to customers. “AMI has incrementally added safeguards in its firmware, such as partner alerts when test keys are in use in code builds that include warnings in the BIOS setup screens, notifying the user that test keys are present,” Righi said.
AMI is one of three major commercial UEFI vendors but the other two, Phoenix Technologies and Insyde Software, appear to have a mechanism that prevents manufacturers from shipping product with test keys, Binarly concluded. Researchers have spotted Secure Boot certificates in the wild marked “do not trust” since at least 2016, when the condition was designated CVE-2016-5247.
Additional investigation by Binarly found that UEFI firmware images affected by the same pitfall as the leaked PKfail asymmetric key pair have been used by manufacturers since 2012. In all, Binarly identified 22 unique, untrusted platform keys present in computers made by manufactures including Acer, Dell and Samsung.
Lenovo told Ars Technica that “no supported Lenovo systems are exposed to the scenario Binarly claims in its PKFail research paper.” HP, Fujitsu and Intel all said that devices affected by PKFail have been discontinued or are past their end-of-life date. Supermicro told the outlet that it “has addressed Platform Key issues mostly in older generation systems with BIOS updates.”
There’s little individuals can do to safeguard against PKfail other than safeguard access to their machines and apply any firmware updates that address the problem. Binarly created a website that allows users to upload firmware binaries to check for PKfail.