Binarly Presents New Firmware Vulnerabilities at LABScon 2022
Pasadena, CA - September 20, 2022 - Binarly Inc., providers of the industry’s first AI-powered firmware protection platform, will take the stage at the inaugural LABScon 2022 this week to call industry attention to a new batch of serious security vulnerabilities affecting tens of millions of computer devices.
Binarly co-founders Alex Matrosov and Claudiu Teodorescu will present technical research on attack surfaces below the operating system, pre-boot security check bypasses and major weaknesses in modern endpoint security tools.
Exclusively for LABScon, the Binarly research team will disclose seven (7) new serious vulnerabilities affecting Insyde reference code. These vulnerabilities were initially discovered on a laptop from manufacturer Framework using Insyde Software firmware. Working collaboratively with Framework and Insyde, Binarly helped to validate mitigations in the form of updated fixes and patches distributed to affected users.
As part of a year-long exposé of “repeatable failures” throughout the firmware security ecosystem, Binarly plans to share details on critical vulnerabilities related to pre-EFI, SMM and DXE firmware components, and on major design weaknesses in the default WMI mechanism used to monitor endpoints for signs of malicious compromises.
A second LABScon presentation, titled “Blasting Event-Driven Cornucopia: WMI Edition,” will disclose new ways to disable the Windows Management Instrumentation (WMI) mechanism used by existing security technologies to monitor endpoints for signs of malicious attacks. The new attack vectors add to the disclosed methods of attacking WMI that were presented at BlackHat USA 2022.
The team will also call industry attention to major gaps in patch-distribution systems that leave vulnerable devices exposed for months after vulnerabilities are publicly disclosed.
In the last two months alone, Binarly’s research team discovered 19 high-severity vulnerabilities impacting all major vendors, including Intel, HP, Lenovo, Dell, AMI, Insyde, Fujitsu and many other enterprise device vendors.
Quote from Insyde:
Quote from HP PSIRT team:
Quote from AMI PSIRT team:
Quote from Intel PSIRT team:
Quote from Framework Computer:
Based in Pasadena, California, Binarly brings decades of research experience identifying hardware and firmware security weaknesses and threats. Binarly’s agentless, enterprise-class AI-powered firmware security platform helps protect from advanced threats below the operating system. Binarly solves firmware supply chain security problems by identifying vulnerabilities and malicious firmware modifications and by providing firmware SBOM visibility without access to the source code.