CyberSecurity updates
2025-01-17 20:50:15 Pacific

UEFI Secure Boot Bypass Vulnerability Discovered
Read more: securityonline.info

A new UEFI Secure Boot bypass vulnerability, identified as CVE-2024-7344, has been discovered, posing a significant threat to a wide range of UEFI-based systems. This flaw resides within a signed UEFI application, specifically the Howyar Reloader bootloader, and allows attackers to execute unsigned code during the boot process. The vulnerability stems from the bootloader's failure to use UEFI’s standard BootServices LoadImage API, instead utilizing a custom PE loader that does not verify signatures of loaded software. This oversight allows for the loading of any UEFI binary, including malicious ones, from a specifically named file, even on systems with Secure Boot enabled.

The exploitation of CVE-2024-7344 enables attackers to deploy malicious UEFI bootkits, granting them persistent access to compromised machines. Malicious code executed during this early phase can persist through system reboots and even OS reinstallations. Attackers can also load malicious kernel extensions, achieving long-term control and potentially evading endpoint detection and response tools and other security measures. This vulnerability affects various system recovery software suites from vendors including Howyar Technologies, Greenware Technologies, Radix Technologies, SANFONG, Wasay Software Technology, Computer Education System, and Signal Computer. To mitigate this risk, users are urged to install updated versions of the vulnerable bootloaders and update the UEFI Secure Boot Forbidden Signature Database (DBX).
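
To confirm that a DBX update has actually landed on a machine, the revocation list can be parsed and searched for a bootloader's digest. The following is an added example, not code from the article or from any vendor. It assumes a Linux host that exposes the variable through efivarfs, and that the Authenticode SHA-256 of the bootloader (the PE image digest, not a plain file hash) has already been obtained from the vendor advisory. The digests built by `build_sample_dbx` are constructed test input.

```python
from __future__ import annotations
import struct
import uuid

# EFI_CERT_SHA256_GUID as defined in the UEFI specification.
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
# Location of the live dbx variable under Linux efivarfs.
DBX_PATH = "/sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f"


def parse_dbx_sha256(data: bytes) -> set[str]:
    """Return the SHA-256 entries in a chain of EFI_SIGNATURE_LIST structures."""
    hashes, off = set(), 0
    while off + 28 <= len(data):
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 or off + list_size > len(data):
            raise ValueError(f"truncated or corrupt list at offset {off}")
        if sig_type == EFI_CERT_SHA256:
            if sig_size != 48:  # 16-byte owner GUID + 32-byte digest
                raise ValueError(f"unexpected SHA-256 entry size {sig_size}")
            pos, end = off + 28 + hdr_size, off + list_size
            while pos + sig_size <= end:
                hashes.add(data[pos + 16:pos + sig_size].hex())
                pos += sig_size
        off += list_size  # other list types (e.g. X.509) are skipped
    return hashes


def read_live_dbx(path: str = DBX_PATH) -> bytes:
    """Read dbx from efivarfs, dropping the 4-byte attribute prefix."""
    with open(path, "rb") as fh:
        return fh.read()[4:]


def is_revoked(authenticode_sha256: str, dbx: bytes) -> bool:
    """True if the given hex digest appears as a SHA-256 entry in dbx."""
    return authenticode_sha256.lower() in parse_dbx_sha256(dbx)


def build_sample_dbx(digests: list[bytes]) -> bytes:
    """Constructed test input: one SHA-256 list with a zero owner GUID."""
    body = b"".join(bytes(16) + d for d in digests)
    return EFI_CERT_SHA256.bytes_le + struct.pack("<III", 28 + len(body), 0, 48) + body
```

On a UEFI-booted Linux host, `is_revoked(digest_hex, read_live_dbx())` returning `False` for a bootloader the vendor lists as vulnerable indicates the DBX update has not been applied.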