Millions of devices impacted by firmware bugs

Millions of devices, including those manufactured by Microsoft, HP, Intel, Dell, Siemens, Framework, and Fujitsu, are being affected by seven firmware vulnerabilities in Insyde Software's InsydeH20 UEFI firmware, which could be exploited to facilitate persistent device access, SecurityWeek reports. Attackers with local privileged operating system access could use the flaws to enable information leaks or arbitrary code execution, according to a report from Binarly. Such bugs could also be leveraged in the second or third attack stage to allow long-term persistence delivery, said Binarly CEO Alex Matrosov. "A firmware implant is the final goal for an attacker to maintain persistence. The attacker can install the malicious implant on different levels of the firmware, either as a modified legitimate module or a standalone driver. This kind of malicious code can bypass Secure Boot by design and influence further boot stages," Matrosov noted. Even though the fixes have already been issued by Insyde, patches are expected to be released by device manufacturers within six to nine months, added Matrosov.