Summary

The BINARLY efiXplorer team identified that several Lenovo devices do not properly protect UEFI system firmware modules with Intel Boot Guard technology (the Boot Guard IBB hash coverage is incomplete), which allows an attacker with write access to the SPI flash storage (such as with physical access or by leveraging a BIOS write protection bypass vulnerability) to install a persistent backdoor/implant.

Vulnerability Information

BINARLY internal vulnerability identifier: BRLY-2021-002

Lenovo PSIRT assigned CVE identifier: LEN-65529 (CVE-2021-3453)

Product description

Multiple Lenovo product lines are affected by this issue:

Lenovo ideacentre AIO is a line of all-in-one PCs designed for heavy workloads

Lenovo ThinkPad is a line of business-oriented laptops and tablets

Lenovo V110-15ISK, V310-14ISK, V310-15ISK are business-oriented laptops

Affected products with confirmed impact by Binarly team

Potential impact

An attacker with write access to the SPI flash storage (such as with physical access or by leveraging a BIOS write protection bypass vulnerability) is able to overwrite the unprotected (unsigned) modules and add arbitrary functionality, which can be a firmware backdoor/implant.

Vulnerability description

Boot Guard defines several ways of protecting the UEFI modules and verifying their integrity/authenticity during the boot process, such as Initial Boot Block (IBB) segments and Vendor Hash File protected ranges. The Lenovo products mentioned above do not properly include several FFS volumes containing SMM/DXE executables in those ranges. As an example, Lenovo V310-14ISK only defines 3 IBB segments (Address: FFE10000h Size: 00020000h, Address: FFEE0000h Size: 00100000h, Address: FFFE0000h Size: 00020000h), which cover 3 FFS volumes, leaving the other FFS volumes with executable files unprotected from malicious tampering. UEFITool output:

BootGuard ACM found at base 6D8318h
...
------------------------------------------------------------------------
Intel BootGuard Key manifest found at base 6D5318h
...
------------------------------------------------------------------------
...
IBB Segments:
Flags: 0000h Address: FFE10000h Size: 00020000h
Flags: 0000h Address: FFEE0000h Size: 00100000h
Flags: 0000h Address: FFFE0000h Size: 00020000h

Details of protected and unprotected FFS volumes and executable files from UEFITool:

Type       | Subtype        | Base     | Size     | Name
...
Image      | UEFI           | 00000050 | 0088DD00 | - UEFI image
...
Unprotected FFS volume ↓
Volume     | FFSv2          | N/A      | 00058000 | -------- B92CF322-8AFA-4AA4-B946-005DF1D69778
...
Unprotected modules below ↓
File       | SMM module     | N/A      | 00002D02 | --------- CDC11AE9-01E7-42CB-88EB-FDFFD8819893 | TcgLegacy
Section    | MM dependency  | N/A      | 0000005E | ---------- MM dependency section
Section    | PE32 image     | N/A      | 00002C64 | ---------- PE32 image section
Section    | UI             | N/A      | 00000018 | ---------- UI section
Section    | Version        | N/A      | 0000000E | ---------- Version section
...
Free space |                | N/A      | 00000620 | --------- Volume free space
Free space |                | 000F86D0 | 000C7C48 | ----- Volume free space
Volume     | FFSv2          | 001C0318 | 00450000 | ---- EfiFirmwareFileSystem2Guid
File       | Volume image   | 001C0360 | 001FDEC4 | ----- 9E21FD93-9C72-4C15-8C4B-E77F1DB2D792
Section    | GUID defined   | 001C0378 | 001FDEAC | ------ LzmaCustomDecompressGuid
Section    | Raw            | N/A      | 0000000C | ------- Raw section
Section    | Volume image   | N/A      | 00834004 | ------- Volume image section
...
Unprotected FFS volume ↓
Volume     | FFSv2          | N/A      | 00834000 | -------- A881D567-6CB0-4EEE-8435-2E72D33E45B5
...
Unprotected modules below ↓
File       | Freeform       | N/A      | 0000005C | --------- AprioriDxe | DXE apriori file
Section    | Raw            | N/A      | 00000044 | ---------- Raw section
...
File       | Freeform       | 003BE228 | 00002DFF | ----- DAB78572-E8D1-4C3F-9A1E-F27E9CAF686D
Section    | Raw            | 003BE240 | 00002DE7 | ------ Raw section
Free space |                | 003C1028 | 0024F2F0 | ----- Volume free space
...
Protected FFS volume ↓
Volume     | FFSv2          | 00610318 | 00020000 | ---- 8579D1CA-45E8-4F1C-A789-FFA770672099
File       | PEI module     | 00610390 | 000044A4 | ----- PlatformInit | PlatformInit
Section    | PEI dependency | 006103A8 | 00000028 | ------ PEI dependency section
Section    | GUID defined   | 006103D0 | 00004464 | ------ LzmaCustomDecompressGuid
Section    | PE32 image     | N/A      | 00015CA4 | ------- PE32 image section
Section    | UI             | N/A      | 0000001E | ------- UI section
Section    | Version        | N/A      | 0000000E | ------- Version section
...
Free space |                | 0062D6C0 | 00002C58 | ----- Volume free space
...
Protected FFS volume ↓
Volume     | FFSv2          | 006E0318 | 00100000 | ---- B73FE497-B92E-416E-8326-45AD0D270091
...
Free space |                | 007B16F8 | 0002EC20 | ----- Volume free space
...
Protected FFS volume ↓
Volume     | FFSv2          | 007E0318 | 00020000 | ---- BA34AA5B-110E-4B10-B729-E559EFD075D3
File       | Pad            | 007E0390 | 00000070 | ----- Pad-file
File       | PEI core       | 007E0400 | 000054DA | ----- PeiCore | PeiCore
Section    | Raw            | 007E0418 | 0000001C | ------ Raw section
Section    | PE32 image     | 007E0434 | 00005484 | ------ PE32 image section
Section    | UI             | 007E58B8 | 00000014 | ------ UI section
Section    | Version        | 007E58CC | 0000000E | ------ Version section
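The coverage check behind the "protected/unprotected" labels above, as an added example (not Binarly's or UEFITool's code): it maps each top-level volume from the listing to its flash-linear address and tests whether the whole volume lies inside an IBB segment. The mapping assumes an 8 MiB BIOS region starting at file offset 0x318 and ending at the 4 GiB boundary; that assumption is derived from the fact that the three protected volumes at file offsets 00610318h, 006E0318h and 007E0318h line up exactly with the IBB segments at FFE10000h, FFEE0000h and FFFE0000h.

```python
# Added example: Boot Guard IBB coverage check for the V310-14ISK listing above.
# Assumption (derived from the listing): the 8 MiB BIOS region begins at file
# offset 0x318 and is mapped so that it ends at 0x1_0000_0000.
BIOS_REGION_FILE_OFFSET = 0x318
BIOS_REGION_SIZE = 0x800000
BIOS_REGION_BASE = 0x1_0000_0000 - BIOS_REGION_SIZE  # 0xFF800000

# IBB segments exactly as printed by UEFITool: (flash address, size).
# Assumed non-overlapping, which is how the manifest lists them here.
IBB_SEGMENTS = [(0xFFE10000, 0x20000), (0xFFEE0000, 0x100000), (0xFFFE0000, 0x20000)]

# Top-level volumes with a known base in the listing: (name, file offset, size).
# The nested volumes B92CF322-... and A881D567-... show base N/A because they
# sit inside the LZMA-compressed section of EfiFirmwareFileSystem2Guid, so
# they inherit whatever coverage that parent volume has.
VOLUMES = [
    ("EfiFirmwareFileSystem2Guid", 0x001C0318, 0x00450000),
    ("8579D1CA-45E8-4F1C-A789-FFA770672099", 0x00610318, 0x00020000),
    ("B73FE497-B92E-416E-8326-45AD0D270091", 0x006E0318, 0x00100000),
    ("BA34AA5B-110E-4B10-B729-E559EFD075D3", 0x007E0318, 0x00020000),
]


def file_offset_to_flash(offset: int) -> int:
    """Translate a file offset inside the BIOS region to its flash-linear address."""
    return BIOS_REGION_BASE + (offset - BIOS_REGION_FILE_OFFSET)


def covered_bytes(start: int, size: int, segments) -> int:
    """Count how many bytes of [start, start+size) fall inside any IBB segment."""
    end = start + size
    total = 0
    for seg_addr, seg_size in segments:
        lo = max(start, seg_addr)
        hi = min(end, seg_addr + seg_size)
        if hi > lo:
            total += hi - lo
    return total


def classify_volumes(volumes, segments) -> dict:
    """Label each volume 'protected', 'partial' or 'unprotected' by IBB coverage."""
    result = {}
    for name, offset, size in volumes:
        covered = covered_bytes(file_offset_to_flash(offset), size, segments)
        result[name] = "protected" if covered == size else ("partial" if covered else "unprotected")
    return result


if __name__ == "__main__":
    for name, verdict in classify_volumes(VOLUMES, IBB_SEGMENTS).items():
        print(f"{verdict:12} {name}")
```

Running it reports EfiFirmwareFileSystem2Guid (flash range FF9C0000h to FFE10000h) as unprotected, which is why the DXE/SMM modules in its nested volumes can be tampered with, while the three PEI volumes come out protected.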

The following firmware images have unprotected FFS volumes with DXE/SMM executables:

o4vjy28usa O4VKT28A / ideacentre AIO 5-27IMB05 Desktop:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5
Volume GUID: 1B5C27FE-F01C-4FBC-AEAE-341B2E992A17
Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099
Volume GUID: 1B5C27FE-F01C-4FBC-AEAE-341B2E992A17
Volume GUID: B73FE497-B92E-416E-8326-45AD0D270091
Volume GUID: 52F1AFB6-78A6-448F-8274-F370549AC5D0
Volume GUID: BA34AA5B-110E-4B10-B729-E559EFD075D3

o4ujy27usa O4UKT27A / ideacentre AIO 5-24IMB05 Desktop:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5
Volume GUID: 1B5C27FE-F01C-4FBC-AEAE-341B2E992A17
Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099
Volume GUID: 1B5C27FE-F01C-4FBC-AEAE-341B2E992A17
Volume GUID: B73FE497-B92E-416E-8326-45AD0D270091
Volume GUID: 52F1AFB6-78A6-448F-8274-F370549AC5D0
Volume GUID: BA34AA5B-110E-4B10-B729-E559EFD075D3

r0puj32w 1.44 (R0PET67W) / ThinkPad E480, E580:

Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099

r0buj23ww 1.28 (R0BET43W) / ThinkPad 11e (Type: 20G9, 20GB), Yoga 11e (Type: 20G8, 20GA):

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778

r0luj20ww 1.21 (R0LET36W) / ThinkPad 11e 4th Gen, Yoga 11e 4th Gen (for Intel Core i-series processors such as i3, i5, i7, etc.):

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5
Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099

r0cuj25w 1.35 (R0CET47W) / ThinkPad 13:

Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

r0juj22w 1.29 (R0JET44W) / ThinkPad 13 2nd Gen:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5
Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099

r0yuj22w 1.29 (R0YET46W) / ThinkPad E490, E490s, E590:

Volume GUID: 1B5C27FE-F01C-4FBC-AEAE-341B2E992A17

n17uj59w 2.12 (N17ETB2W) / ThinkPad Helix (Type 20CG, 20CH):

Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

r16uj12w 1.15 (R16ET29W) / ThinkPad E14, E15:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778

r0quj26w 1.40 (R0QET63W) / ThinkPad L480, L580:

Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099 (starting from CpuMpPei)

n11uj20w 1.28 (N11ET52W) / ThinkPad T550, W550s:

Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

r0muj24w 1.28 (R0MET51W) / ThinkPad S5 2nd Gen:

Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099

n14uj30w 1.32 (N14ET54W) / ThinkPad X1 Carbon (Type 20BS, 20BT):

Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

n10uj27w 1.40 (N10ET61W) / ThinkPad X250:

Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

n19uj32w 1.37 (N19ET64W) / ThinkPad Yoga 15:

Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

r18uj06w 1.08 / ThinkPad 11e Yoga Gen 6 (Type 20SE 20SF) Laptop:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5
Volume GUID: 8579D1CA-45E8-4F1C-A789-FFA770672099

1kcn51ww 1KCN51WW / Lenovo V110-15ISK:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

0zcn52ww 0ZCN52WW / Lenovo V310-14ISK, V310-15ISK:

Volume GUID: B92CF322-8AFA-4AA4-B946-005DF1D69778
Volume GUID: A881D567-6CB0-4EEE-8435-2E72D33E45B5

Solution

Properly define the protected ranges (via IBB segments or vendor hash files) so that they include all executable files (PEI/DXE/SMM).

Disclosure timeline

This bug is subject to a 90 day disclosure deadline. After 90 days elapse or a patch has been made broadly available (whichever is earlier), the bug report will become visible to the public.

Disclosure Activity                   | Date
Lenovo PSIRT is notified              | 2021-02-08
Lenovo PSIRT confirmed reported issue | 2021-03-16
Lenovo PSIRT assigned CVE number      | 2021-03-19
Lenovo PSIRT provided patch release   | 2021-07-13
BINARLY public disclosure date        | 2021-07-14

Acknowledgements

BINARLY efiXplorer team

References