Serious Security Flaw Discovered in UEFI Secure Boot System
Security researchers from Binarly recently revealed a major vulnerability in the UEFI Secure Boot system, affecting over 800 products from manufacturers such as Acer, Dell, Fujitsu, Gigabyte, HP, Intel, Lenovo, and Supermicro. This flaw, known as pkfail, allows the verified boot mode to be bypassed by exploiting a test key, generated by American Megatrends International (AMI), that ships in the firmware.
The issue stems from the use of a test key provided by AMI, which was not intended for production use. Despite warnings from researchers, manufacturers continued to use this common key, leading to a widespread security risk. The test key was inadvertently leaked and made public by an employee of one equipment manufacturer, making it accessible for potential exploitation.
The compromised platform key, used as the root of trust for the Secure Boot system, can enable attackers to bypass security checks and load unauthorized components onto a system. By obtaining the private part of the platform key, attackers can manipulate the Secure Boot process and substitute components using keys such as KEK, DB, and DBX, which are essential for system integrity.
According to researchers, conducting an attack exploiting this vulnerability is relatively straightforward, posing a significant threat to the security of devices utilizing the UEFI Secure Boot system. Manufacturers are urged to address this issue promptly to prevent potential cyberattacks and secure their systems against unauthorized access.
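A defender can check whether a machine's platform key is a test key by parsing the PK variable, which the UEFI specification stores as an EFI_SIGNATURE_LIST. The following is an added example, not code from Binarly or AMI; the marker strings, the helper names and the sample blobs are assumptions constructed for illustration, and the article itself does not say how the test certificate is labelled.

```python
import struct
import uuid

# EFI_CERT_X509_GUID from the UEFI specification, in on-disk (mixed-endian) form
X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072").bytes_le
# Assumed labels of a non-production certificate; not stated in the article
TEST_MARKERS = (b"DO NOT TRUST", b"DO NOT SHIP")


def parse_signature_lists(data):
    """Yield (type_guid, owner_guid, signature_bytes) from EFI_SIGNATURE_LIST data."""
    off = 0
    while off < len(data):
        if len(data) - off < 28:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = data[off:off + 16]
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 + hdr_size or off + list_size > len(data) or sig_size <= 16:
            raise ValueError("inconsistent EFI_SIGNATURE_LIST sizes")
        pos, end = off + 28 + hdr_size, off + list_size
        while pos + sig_size <= end:
            owner = uuid.UUID(bytes_le=data[pos:pos + 16])
            yield sig_type, owner, data[pos + 16:pos + sig_size]
            pos += sig_size
        off = end


def find_test_keys(efivar_blob):
    """Return (owner, marker) for each X.509 entry that carries a test-key label."""
    hits = []
    # An efivarfs file starts with a 4-byte attribute word; skip it.
    for sig_type, owner, cert in parse_signature_lists(efivar_blob[4:]):
        if sig_type != X509_GUID:
            continue
        for marker in TEST_MARKERS:
            if marker in cert:
                hits.append((str(owner), marker.decode()))
    return hits


def make_blob(cert, owner=uuid.UUID(int=1)):
    """Build a constructed efivarfs blob holding one X.509 signature entry."""
    sig = owner.bytes_le + cert
    hdr = X509_GUID + struct.pack("<III", 28 + len(sig), 0, len(sig))
    return struct.pack("<I", 0x27) + hdr + sig


# Constructed stand-ins for DER certificates (not real certificates)
SAMPLE_TEST_PK = make_blob(b"\x30\x82\x00\x00CN=DO NOT TRUST - Example Test PK")
SAMPLE_VENDOR_PK = make_blob(b"\x30\x82\x00\x00CN=Example Vendor Platform Key")
```

On Linux the live variable can be read from `/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c` and passed to `find_test_keys`; a non-empty result means the platform key should be replaced through a firmware update from the manufacturer.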