bootloader | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed  two unpatched security vulnerabilities  in the open-source U-Boot boot loader. The issues, which were uncovered in the  IP defragmentation  algorithm implemented in U-Boot by NCC Group, could be abused to achieve arbitrary out-of-bounds write and denial-of-service (DoS). U-Boot is a  boot loader  used in Linux-based embedded systems such as ChromeOS as well as ebook readers such as Amazon Kindle and Kobo eReader. The issues are summarized below - CVE-2022-30790  (CVSS score: 9.6) - Hole Descriptor overwrite in U-Boot IP packet defragmentation leads to an arbitrary out-of-bounds write primitive. CVE-2022-30552  (CVSS score: 7.1) - Large buffer overflow leads to DoS in U-Boot IP packet defragmentation code It's worth noting that both the flaws are exploitable only from the local network. But doing so can enable an attacker to root the devices and lead to a DoS by crafting a malformed packet. The s...

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed ' BootHole ' and tracked as CVE-2020-10713 , the reported vulnerability resides in the GRUB2 bootloader, which, if exploited, could potentially let attackers bypass the Secure Boot feature and gain high-privileged persistent and stealthy access to the targeted systems. Secure Boot is a security feature of the Unified Extensible Firmware Interface (UEFI) that uses a bootloader to load critical components, peripherals, and the operating system while ensuring that only cryptographically signed code executes during the boot process. "One of the explicit design goals of Secure Boot is to prevent unauthorized code, even running with administrator privileges, from gaining additional privileges and pre-OS pers...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California Santa Barbara created a special static binary tool called BootStomp that automatically detects security vulnerabilities in bootloaders. Since bootloaders are usually closed source and hard to reverse-engineer, performing analysis on them is difficult, especially because hardware dependencies hinder dynamic analysis. Therefore, the researchers created BootStomp, which "uses a novel combination of static analysis techniques and underconstrained symbolic execution to build a multi-tag taint analysis capable of identifying bootloader vulnerabilities." The tool helped the researchers discover six previously-unknown critical security bugs across bootloaders from HiSilicon (Huawe...