Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Partner Perspectives  Connecting marketers to our tech communities.
8/19/2015
05:20 PM
Jim Walter
Jim Walter
Partner Perspectives
Connect Directly
Twitter
RSS
50%
50%

Vulnerable From Below: Attacking Hypervisors Using Firmware And Hardware

Malicious attacks with firmware privileges can compromise an entire system, so it is especially important to apply measures to reduce the risks.

Breaking hypervisor isolation and attacking -- or exploiting -- neighbouring virtual machines is a prominent goal of cyber criminals. At the Black Hat USA 2015 and DEF CON 23 conferences, a group of Intel Security researchers from the Advanced Threat Research team demonstrated that some hypervisors are vulnerable to attacks through system firmware launched from administrative guests. These attacks led to successful installation of a rootkit in the system firmware (such as BIOS), privilege escalation to the hypervisor privileges, and exposure of hypervisor memory contents.

Hypervisors employ a range of techniques to isolate software and I/O devices, block escapes from any compromised virtual machine to any other virtual machine, and protect each virtual machine’s secrets from the others, including their operating systems. However, these protections fall short when the physical machine system firmware is infected with a rootkit or when a compromised virtual machine is able to exploit vulnerabilities in the firmware.

In this case, the firmware rootkit was installed by reflashing the system firmware while it wasn’t adequately protected in non-volatile flash memory. Physical access controls should prevent this in some cases. However, the research also demonstrated that the rootkit could be installed from within privileged guests on the machines with inadequately write protected firmware. Our research demonstrated that a rootkit can open a backdoor for an attacker to access the memory contents of all other virtual machines by adding entries to the hardware-assisted page tables and mapping all of DRAM to the attacker’s guest address space. The attacker can then access the active memory of all the other virtual machines on this host and harvest data at will.

Solutions And Exploits

The obvious solution is to increase protection on firmware in flash memory. However, our research also demonstrated that an attacker can exploit other vulnerabilities if the hypervisor allows direct access to the firmware interfaces. For example, we comprised the hypervisor using the resume boot script table in memory that runs when a machine resumes from a sleep state (S3). From a privileged guest, this critical script table structure was changed to access the hypervisor memory spaces. We have published a whitepaper covering the technical details of this S3 resume boot script vulnerability, which has also been independently discovered and discussed by other researchers. In another example, we passed a bad input pointer to the run-time firmware executing in system management mode (SMM) to exploit a vulnerability and inject malicious instructions into this protected area.

In both examples, the attacker first had to exploit some vulnerability in the system firmware of the physical machine such as the SMI handler or BIOS, and then run malicious code with firmware privileges to attack the hypervisor. However, each interface to the firmware that is directly accessible to a virtual machine provides an additional attack vector. Hypervisors can minimize this risk and reduce their attack surface by removing unnecessary guest access to the firmware interfaces and memory locations. Hypervisors can also monitor and proxy interfaces that need to be exposed to the guests and, if possible, apply strict policies on the data passed through them.

Malicious attacks with firmware privileges can compromise the entire system, so it is especially important to apply measures to reduce the risk to applications, software services, and the operating system. You can test your system firmware with available tools such as the open source CHIPSEC framework, which tests for many known vulnerabilities, including the attacks described here. To enable further security testing, we will shortly be releasing new functionality in the CHIPSEC framework to test how hypervisors emulate various hardware interfaces.

For more information, our Black Hat presentation can be found at: http://www.intelsecurity.com/advanced-threat-research/content/AttackingHypervisorsViaFirmware_bhusa15_dc23.pdf

--Yuriy Bulygin and John Loucaides contributed to this blog.

Jim Walter is a senior member of Cylance's SPEAR team. He focuses on next-level attacks, actors, and campaigns as well as 'underground' markets and associated criminal activity. Jim is a regular speaker at cybersecurity events and has authored numerous articles, whitepapers ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-2916
PUBLISHED: 2019-11-15
qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. If a user has a world-readable or world-executable home directory, another local system user could obtain the private key used to connect to remote NX sessions.
CVE-2019-12757
PUBLISHED: 2019-11-15
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt t...
CVE-2019-12758
PUBLISHED: 2019-11-15
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.
CVE-2019-12759
PUBLISHED: 2019-11-15
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicat...
CVE-2019-18372
PUBLISHED: 2019-11-15
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.