|
@matrosov | |||||
|
Everybody cares about signed BIOS updates. When other firmwares like Intel Embedded Controller (EC) can get FW updates without any authorization on some recent hardware. EC have RW access to SPI flash storage and other interesting stuff for rootkits. @offensive_con pic.twitter.com/D9Ww2AfpRu
|
||||||
|
||||||
|
Bjørn A. Jørgensen
@bajorgensen
|
20. velj 2018. |
|
I am trying to hammer this home with @DellEMCServers and @HPE_ProLiant. All FW updates should be signed and auditable. New iLO/iDRAC security features are not complete.
|
||
|
||
|
Mathias Krause
@_minipli
|
21. velj 2018. |
|
Shouldn’t PFAT make it require some kind of nonce for the update? 🤔 Anyways, the EC SPI flash access is still subject to Flash Descriptor constraints. So it shouldn’t be able to mess with the ME or BIOS region, for example — assuming a sane Flash Descriptor setup 😉
|
||
|
|
||