Lenovo patches UEFI firmware vulnerabilities impacting millions of users

Three vulnerabilities could be exploited to deploy flash implants and circumvent secure boot.
Written by Charlie Osborne, Contributing Writer

Lenovo has patched a trio of bugs that could be abused to perform UEFI attacks.

Discovered by ESET researcher Martin Smolár, the vulnerabilities, tracked as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, could be exploited to "deploy and successfully execute UEFI malware either in the form of SPI flash implants like LoJax or ESP implants like ESPecter" in the Lenovo Notebook BIOS.

In UEFI attacks, malicious code is loaded on a compromised device at an early stage of the boot process, before the operating system starts. This means the malware can tamper with configuration data, establish persistence, and may be able to bypass security measures that are only loaded once the OS is running.

On Tuesday, ESET said the vulnerabilities impact "more than one hundred different consumer laptop models with millions of users worldwide" and were caused by drivers only meant to be used during Lenovo's product development and manufacturing stages.

The impacted product list includes IdeaPads, Legion gaming devices, and both Flex and Yoga laptops.

The first vulnerability, CVE-2021-3970, lies in an SW SMI handler function. This SMM memory-corruption issue, caused by improper input validation, permits attackers to read from and write to SMRAM, which in turn could allow malicious code to execute with SMM privileges -- and SPI flash implants to be deployed.

"SMM is a highly privileged execution mode of x86 processors [...]," the researchers explained. "SMM code is written within the context of the system firmware and is usually used for various tasks, including advanced power management, execution of OEM proprietary code, and secure firmware updates. It provides an independent execution environment completely invisible to the running operating system."
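The defect class behind CVE-2021-3970 is worth seeing in code. The following is an added host-side model written for this article, not Lenovo's firmware and not ESET's analysis: a simulated SW SMI handler that trusts a caller-supplied buffer pointer, beside a hardened version that applies the check EDK2-style firmware performs before dereferencing such a pointer (the same idea as EDK2's SmmIsBufferOutsideSmmValid()), namely that the whole buffer lies outside SMRAM and that the range arithmetic cannot wrap. The memory arena, the SMRAM offsets and the request structure are constructed for the demonstration; the actual handler in the Lenovo BIOS and the specific input it mishandled are not described on this page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: a 64 KiB arena stands in for physical memory and a
 * sub-range of it plays the role of SMRAM. Nothing here is Lenovo's code. */
#define ARENA_SIZE   0x10000u
#define SMRAM_OFFSET 0x8000u
#define SMRAM_SIZE   0x4000u

static uint8_t g_arena[ARENA_SIZE];

/* Bounds of the simulated SMRAM: [smram_base, smram_end). */
static uintptr_t smram_base(void) { return (uintptr_t)&g_arena[SMRAM_OFFSET]; }
static uintptr_t smram_end(void)  { return smram_base() + SMRAM_SIZE; }

/* Fill simulated SMRAM with a known pattern so corruption can be measured. */
static void reset_smram(void) {
    memset(&g_arena[SMRAM_OFFSET], 0xAA, SMRAM_SIZE);
}

/* Request the OS-level caller hands to the SW SMI handler. Both fields are
 * under the caller's control, so neither may be trusted inside SMM. */
typedef struct {
    uintptr_t buffer;   /* where the handler is asked to write its reply */
    size_t    length;   /* how many bytes */
} smi_request_t;

/* The validation an SMI handler must do before touching a caller pointer:
 * the whole [buffer, buffer+length) range must lie outside SMRAM, and the
 * end-address computation must not wrap around. */
static bool buffer_outside_smram(uintptr_t buffer, size_t length) {
    if (length == 0) return false;
    if (buffer > UINTPTR_MAX - length) return false;  /* end would wrap */
    uintptr_t end = buffer + length;
    return end <= smram_base() || buffer >= smram_end();
}

/* "Before": the handler trusts the caller's pointer and writes through it.
 * A request whose buffer lies in SMRAM corrupts SMM-privileged memory. */
static int vulnerable_smi_handler(const smi_request_t *req) {
    memset((void *)req->buffer, 0x00, req->length);
    return 0;
}

/* "After": refuse to service a request whose buffer touches SMRAM. */
static int hardened_smi_handler(const smi_request_t *req) {
    if (!buffer_outside_smram(req->buffer, req->length)) {
        return -1;  /* EFI_SECURITY_VIOLATION in real firmware */
    }
    memset((void *)req->buffer, 0x00, req->length);
    return 0;
}

/* Count simulated SMRAM bytes that no longer hold the expected pattern. */
static size_t smram_bytes_clobbered(void) {
    size_t n = 0;
    for (size_t i = 0; i < SMRAM_SIZE; i++) {
        if (g_arena[SMRAM_OFFSET + i] != 0xAA) n++;
    }
    return n;
}

/* Drive both handlers with the same request, whose buffer lies inside SMRAM.
 * Returns how many SMRAM bytes the vulnerable handler clobbered and reports
 * the hardened handler's status and clobber count through the out-params. */
static size_t run_demo(int *hardened_status, size_t *hardened_clobbered) {
    smi_request_t bad_request = { smram_base() + 0x100, 0x200 };

    reset_smram();
    vulnerable_smi_handler(&bad_request);
    size_t vuln_clobbered = smram_bytes_clobbered();

    reset_smram();
    *hardened_status = hardened_smi_handler(&bad_request);
    *hardened_clobbered = smram_bytes_clobbered();
    return vuln_clobbered;
}

int main(void) {
    int status;
    size_t hardened_clobbered;
    size_t vuln_clobbered = run_demo(&status, &hardened_clobbered);
    printf("vulnerable handler clobbered %zu SMRAM bytes\n", vuln_clobbered);
    printf("hardened handler returned %d and clobbered %zu bytes\n",
           status, hardened_clobbered);
    return 0;
}
```

The overflow check matters as much as the range check: without it, a length chosen so that buffer + length wraps past the top of the address space would make a buffer that starts below SMRAM appear to end before it, which is exactly the kind of improper input validation the article describes.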

The other two vulnerabilities, CVE-2021-3971 and CVE-2021-3972, relate to drivers named SecureBackDoor and SecureBackDoorPeim.

Lenovo describes the first of these, CVE-2021-3971, as a "potential vulnerability by a driver used during older manufacturing processes on some consumer Lenovo Notebook devices that was mistakenly included in the BIOS image could allow an attacker with elevated privileges to modify [the] firmware protection region by modifying an NVRAM variable."

The second, CVE-2021-3972, is a "potential vulnerability by a driver used during [the] manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated [and] may allow an attacker with elevated privileges to modify secure boot setting[s] by modifying an NVRAM variable."

When they are invoked, the drivers can be abused to disable SPI flash protections and UEFI Secure Boot. Attackers with a high enough privilege level can exploit CVE-2021-3971 to change UEFI firmware protection settings, while CVE-2021-3972 involves tampering with NVRAM variables to weaken Secure Boot so that malicious implants can be deployed.

ESET reported the three vulnerabilities to Lenovo on October 11, 2021. The security flaws were triaged and confirmed in November. Patches have now been released, followed by public disclosure in April.

Users are advised to patch their firmware immediately. Lenovo has published an advisory and alternative mitigation options for users who cannot apply the fixes at this time.

However, not every device on the list will receive fixes, as some are legacy products that are out of support. For those devices, ESET recommends using TPM-aware full-disk encryption software so that data remains inaccessible if the UEFI Secure Boot configuration is tampered with.

"All of the real-world UEFI threats discovered in the last years -- LoJax, MosaicRegressor, MoonBounce, ESPecter, FinSpy -- needed to bypass or disable the security mechanisms in some way in order to be deployed and executed," Smolár commented. "Our discovery demonstrates that in some cases, deployment of the UEFI threats might not be as difficult as expected, and the larger amount of real-world UEFI threats discovered in the last years suggests that adversaries are aware of this."
