LogoFail

Binarly researchers show the dangers of firmware parsing bugs by developing a PoC on a real device with modern firmware security features enabled (i.e. Intel Boot Guard and Secure Boot).

Inside the LogoFAIL PoC: From Integer Overflow to Arbitrary Code Execution

January 30, 2024

The Binarly REsearch team investigates how crashes of firmware parsers can be leveraged by attackers to achieve arbitrary code execution with firmware privileges during the boot process.

December 6, 2023

Finding LogoFAIL: The Dangers of Image Parsing During System Boot

The Binarly REsearch team has discovered a Heap Out-of-bounds Read vulnerability in the web server component of Lenovo BMC firmware, allowing a potential attacker to exfiltrate sensitive information from Lighttpd process memory.

November 29, 2023

The Far-Reaching Consequences of LogoFAIL

The Binarly REsearch team investigates vulnerable image parsing components across the entire UEFI firmware ecosystem and finds all major device manufacturers are impacted on both x86 and ARM-based devices.

Get a closer look at Binarly

Our team is available to talk to you about your specific requirements or to give you a full demo