Tag

Firmware Vulnerabilities

All articles tagged with #firmware vulnerabilities

cybersecurity2 years ago•3 min saved

"Critical UEFI Vulnerabilities Shake Firmware Development Ecosystem"

Five leading UEFI firmware suppliers have been found to contain vulnerabilities collectively dubbed PixieFail, allowing attackers with network access to infect connected devices with malware at the firmware level. The vulnerabilities, residing in functions related to IPv6 in the TianoCore EDK II implementation, can be exploited through the PXE mechanism used in data centers. Attackers can plant UEFI-controlled backdoors in servers without needing physical access, posing a significant threat to data centers and cloud environments.

via Ars Technica|

#cybersecurity #data-centers #firmware-vulnerabilities

cybersecurity2 years ago•6 min saved

LogoFAIL: Widespread Vulnerability Exposes Devices to Malware Injection

This week in security, major firmware vendors were found to have vulnerabilities in their image parsers, allowing for potential exploitation. Additionally, researchers discovered a predictable pattern in a DNS resolver's source ports, which could be exploited to redirect traffic. DNS was also at the heart of another vulnerability involving DNS rebinding. In the 23andMe breach, lateral movement was observed, with information from millions of accounts accessed through the DNA Relatives and Family Tree features. The Sonos Era 100 device was successfully targeted at a hacking competition, highlighting the importance of hardening embedded devices. Lastly, there are still thousands of End-of-Life'd Exchange servers on the internet, posing a security risk.

via Hackaday|

#cybersecurity #data-breach #device-exploitation

cybersecurity2 years ago•3 min saved

"Vulnerable AMI MegaRAC BMC Firmware Puts Data Center Servers at Risk"

Researchers have discovered critical firmware vulnerabilities in baseboard management controllers (BMCs) made by AMI, a leading provider of BMCs and firmware. These vulnerabilities, which were revealed in a 2021 ransomware attack, can be exploited by attackers with access to the Redfish remote management interface, allowing them to gain superuser status and execute malicious code on servers in data centers. The vulnerabilities pose a significant risk to cloud computing infrastructure, potentially enabling attackers to install ransomware, espionage malware, or cause physical damage to servers. AMI has released firmware patches to address the vulnerabilities.

via Ars Technica|

#ami #cloud-computing #cybersecurity