Windows & Linux Devices at Risk From Unsigned Peripheral Firmware

  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

Reportedly, researchers from Eclypsium have discovered how a problem in peripheral devices can risk the security of entire systems. Specifically, they found that unsigned firmware in peripheral devices can allow an adversary to attack Windows, Linux systems. They have shared the details of their findings in a blog post.

As revealed, unsigned firmware in a large number of WiFi adapters, trackpads, USB Hubs, and cameras impact various enterprise devices. Despite being known for years, the researchers state that many vendors paid no heed to this problem. Consequently, this issue makes the systems vulnerable to cyber-attacks.

As stated in their post,

Many peripheral devices do not verify that firmware is properly signed with a high quality public/private key before running the code. This means that these components have no way to validate that the firmware loaded by the device is authentic and should be trusted.

Thus, an attacker could simply execute codes on the target device via a malicious firmware image. The attacker can then use the privileges of the malicious component for further activities.

The following video demonstrates an attack scenario on the network interface. Whereas, technical details about the attack are available in the researchers’ post.

What Next?

The researchers elaborate that despite changes by some vendors, most of the peripheral devices’ makers haven’t taken the matter of unsigned firmware execution seriously enough. Consequently, the vulnerability poses a threat to the integrity of Windows and Linux devices, including laptops and servers.

Though, this problem does not affect Apple devices.

Apple performs signature verification on all files in a driver package, including firmware, each time before they are loaded into the device, to mitigate this type of attack. In contrast, Windows and Linux only perform this type of verification when the package is initially installed.

Hence, the device itself verifies the signature before a firmware update. And, in the current scenario, permitting unsigned firmware makes the devices vulnerable for good. Thus, Windows and Linux need to implement a similar signature verification approach before updating firmware.

Let us know your thoughts in the comments

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!