In our work to help secure firmware, we have begun to see a trend: unused “dead code” can creep into firmware codebases. The developers may correctly believe that they are not intentionally using the code in question. However, if that code has vulnerabilities that are still attacker-invokable, the vendor has an increased attack surface. Apple’s vulnerability to CERT VU#552286, which we determined by black box binary analysis, is an example of this. We have also seen examples of this in private engagements that we cannot speak about publicly. This document is meant to serve as a warning to BIOS developers: when they dismiss a vulnerability as “not applicable” to their codebase, they need to check very carefully that no known-vulnerable code has somehow ended up on their flash chip. They could be wrong, and without careful scrutiny, low-level vulnerabilities like this can and will fester for years.
(Note: This talk is an updated version of Thunderstrike 2: Sith Strike, with the new vulnerability VU#552286 added, and the new whitepaper about that vulnerability linked herein.)