Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.

Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.

An attacker can exploit these vulnerabilities to implant a firmware that survives operating system updates and bypasses UEFI Secure Boot, Intel Boot Guard, and virtualization-based security.

Impacted devices include multiple HP enterprise devices, including laptops, desktops, point-of-sale systems, and edge computing nodes.

“By exploiting the vulnerabilities disclosed, attackers can leverage them to perform privileged code execution in firmware, below the operating system, and potentially deliver persistent malicious code that survives operating system re-installations and allows the bypass of endpoint security solutions (EDR/AV), Secure Boot and Virtualization-Based Security isolation.” reads the analysis published by Binarly.

Below is the list of vulnerabilities discovered by the researchers:

CVE IDBINARLY IDDescriptionCVSS ScoreCVE-2021-39297BRLY-2021-003DXE stack buffer overflow (arbitrary code execution)7.7 HighCVE-2021-39298BRLY-2021-004SMM callout (privilege escalation)8.8 HighCVE-2021-39299BRLY-2021-005DXE stack buffer overflow (arbitrary code execution)8.2 HighCVE-2021-39300BRLY-2021-006DXE stack overflow vulnerability (arbitrary code execution)8.2 HighCVE-2021-39301BRLY-2021-007DXE stack overflow (arbitrary code execution)7.7 HighCVE-2022-23924BRLY-2021-032SMM heap buffer overflow (arbitrary code execution)8.2 HighCVE-2022-23925BRLY-2021-033SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23926BRLY-2021-034SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23927BRLY-2021-035SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23928BRLY-2021-036SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23929BRLY-2021-037SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23930BRLY-2021-038SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23931BRLY-2021-039SMM memory corruption (arbitrary code execution)8.2 HighCVE-2022-23932BRLY-2021-040SMM callout (privilege escalation)8.2 HighCVE-2022-23933BRLY-2021-041SMM callout (privilege escalation)8.2 HighCVE-2022-23934BRLY-2021-042SMM memory corruption (arbitrary code execution)8.2 High“Binarly believes that the lack of a knowledge base of common firmware exploitation techniques and primitives related to UEFI firmware makes these failures repeatable for the entire industry. We are working hard to fill this gap by providing comprehensive technical details in our advisories. This knowledge base is crucial for developing effective mitigations and defense technologies for device security.”,said Alex Matrosov, Founder and CEO at Binarly.

The most severe of the vulnerabilities discovered by the researchers are memory corruption issues affecting the System Management Mode (SMM) of the firmware. An attacker could trigger them to gain arbitrary code execution with the highest privileges.

HP addressed the flaws with the release of HP UEFI Firmware February 2022 security updates issued in February.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, SIM swapping)

The post HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems appeared first on Security Affairs.