Alex Ermolov, Alex Matrosov and Yegor Vasilenko

UEFI Firmware Vulnerabilities: Past, Present and Future

Abstract

For any device, the supply chain is extremely complex and it plays a significant role in the platform security. The UEFI System Firmware relies heavily on its supply chain with many parties involved, including OBV, IBV, OEM etc. each following their own development lifecycle, mitigations policy and impacting different security models and update delivery timeline for endpoint devices. 

This obviously creates some space for building and supporting exploit chains for compromising firmware: a single vulnerability can be replaced by another one of the same class and live long enough until it will be patched by the vendor...guess how long will it take? Six months, a year or maybe two? Quite a while to deliver security, right? But how about 6 years? We're going to talk about a very interesting case: a security issue (one bug in the same EFI module), which survived across time, mitigations, multiple attempts to fix it, platform changes, pandemic, rain and thunder. This research covers architectural problems - an actual root-cause not only for this issue but other UEFI firmware vulnerabilities now and then.

BIO

Alex Matrosov is CEO and Founder of BInarly Inc. where he builds an AI-powered platform to protect devices against emerging firmware threats. Alex has more than two decades of experience with reverse engineering, advanced malware analysis, firmware security, and exploitation techniques. He served as Chief Offensive Security Researcher at Nvidia and Intel Security Center of Excellence (SeCoE). Alex is the author of numerous research papers and the bestselling award-winning book Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats. He is a frequently invited speaker at security conferences, such as REcon, Black Hat, Offensivecon, WOOT, DEF CON, and many others. Additionally, he was awarded multiple times by Hex-Rays for his open-source contributions to the research community

Alex Ermolov leads supply chain security research & development at Binarly Inc. With more than 10 years of experience in researching low-level design, firmware and system software built for various platforms and architectures, he helps to create a solution for protecting devices against firmware threats.

Yegor Vasilenko is an experienced Security Researcher focused on reverse engineering and firmware analysis. Nowadays he enjoys UEFI reverse engineering automation.