[BRLY-2022-015]
The arbitrary code execution in DXE driver.
BINARLY efiXplorer team

Summary

BINARLY efiXplorer team has discovered the ability of arbitrary code execution in DXE driver.

Vulnerability Information

  • BINARLY internal vulnerability identifier: BRLY-2022-015
  • Intel PSIRT assigned CVE identifier: CVE-2022-34345
  • AMI PSIRT assigned CVE identifier: CVE-2022-2154
  • CERT/CC assigned case number: VU#158026
  • FwHunt rule: BRLY-2022-015
  • CVSS v3.1: 7.2 High AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Intel firmwares with confirmed impact by Binarly team

Device/Firmware File Name SHA256 (File PE32 section) File GUID
Intel NUC M15 BCTGL357 v0072 (Latest) AMITSE 288769fcb374d9280735e259c579e2dc209491f4da43b085d6aabc2d6e6ee57d b1da0adf-4f77-4070-a88e-bffe1c60529a
Intel NUC M15 BCTGL357 v0072 (Latest) - 6a2e79de518eb92408ed6c21421b4119da50c2ad31ff7adbb26155c7a335c26d a2df5376-c2ed-49c0-90ff-8b173b0fd066

Potential impact

An attacker with physical access can exploit this vulnerability to execute arbitrary code during DXE phase. A malicious code installed as a result of vulnerability exploitation in DXE driver could survive across an operating system (OS) boot process and runtime.

Vulnerability description

Consider the vulnerability on the example of the AMITSE driver (file GUID: b1da0adf-4f77-4070-a88e-bffe1c60529a).

The pseudocode for vulnerable function is shown below (function address: 0x16520).

__int64 sub_16520()
{
  // [COLLAPSED LOCAL DECLARATIONS. PRESS KEYPAD CTRL-"+" TO EXPAND]

  GetPackageListHandle = gEsaVarPtr01;
  Arg2 = 0;
  Guid[0] = 0x70E1A818;
  Guid[1] = 0x44490BE1;
  Guid[2] = 0xF69ED4BF;
  Guid[3] = 0xA8027F8C;
  VendorGuid.Data1 = 0xA2DF5376;
  *&VendorGuid.Data2 = 0x49C0C2ED;
  *VendorGuid.Data4 = 0x178BFF90;
  *&VendorGuid.Data4[4] = 0x66D00F3B;
  if ( gEsaVarPtr01
    || (DataSize = 8,
        gRT->GetVariable(L"EsaVarPtr01", &VendorGuid, 0, &DataSize, &gEsaVarPtr01),
        (GetPackageListHandle = gEsaVarPtr01) != 0) )
  {
    Handle = GetPackageListHandle(Guid, &Arg2);
  }
  else
  {
    Handle = -1;
  }
  if ( Handle != -1 )
    return gEfiHiiDatabaseProtocol->RemovePackageList(gEfiHiiDatabaseProtocol, Handle);
  return Handle;
}

As we can see from the pseudocode, the address of GetPackageListHandle function located in the NVRAM variable EsaVarPtr01. Thus, a potential attacker can create the NVRAM variable EsaVarPtr01 and specify the address of the GetPackageListHandle function inside the data of the variable EsaVarPtr01. Thus, an attacker can execute arbitrary code during DXE phase.

It should be noted that the value of the variable EsaVarPtr01 cannot be set at runtime, but it can be set by physically modifying the SPI flash memory.

Disclosure timeline

This bug is subject to a 90 day disclosure deadline. After 90 days elapsed or a patch has been made broadly available (whichever is earlier), the bug report will become visible to the public.

Disclosure Activity Date
Intel PSIRT is notified 2022-05-04
Intel PSIRT confirmed reported issue 2022-07-28
Intel PSIRT assigned CVE number 2022-07-28
BINARLY public disclosure date 2022-08-10

Acknowledgements

BINARLY efiXplorer team