- Exploitation of these vulnerabilities would allow attackers to deploy and execute UEFI malware such as LoJax and ESPecter.
- UEFI threats are extremely stealthy and dangerous.
- The discovered vulnerabilities are CVE-2021-3970, CVE-2021-3971 and CVE-2021-3972.
- ESET Research urges all Lenovo laptop owners to check the list of affected devices and update their firmware.
BRATISLAVA — April 20, 2022 — Researchers from ESET, Europe's leading security solutions provider, have discovered and analyzed three vulnerabilities affecting different models of Lenovo laptops. Exploitation of these vulnerabilities would allow attackers to deploy and execute UEFI malware, such as LoJax, which implants itself in the SPI flash memory, or ESPecter, our latest discovery, which implants itself in the EFI system partition. ESET reported all discovered vulnerabilities to Lenovo in October 2021. In total, the list of affected devices includes more than 100 different laptop models used by millions of people worldwide.
"UEFI threats can be extremely stealthy and dangerous. They run at the beginning of the machine's boot process, before the operating system takes control of the machine. This means that these threats can bypass almost all security and mitigation measures aimed at preventing them from initiating the execution of other malware in the operating system," said Martin Smolár, the researcher at ESET who discovered the vulnerabilities. "Our discovery of these UEFI backdoors demonstrates that in some cases, deploying UEFI threats is not as difficult as previously thought, and the increasing number of UEFI threats discovered in recent years suggests that adversaries are aware of this," he adds.
The first two vulnerabilities, CVE-2021-3970 and CVE-2021-3971, can more precisely be called "secure" backdoors built into UEFI firmware, as this is literally the name given to the Lenovo UEFI drivers implementing one of these vulnerabilities (CVE-2021-3971): SecureBackDoor and SecureBackDoorPeim. These built-in backdoors can be activated to disable the SPI flash protections (BIOS Control Register bits and Protected Range registers) or the UEFI Secure Boot feature from a privileged user-mode process while the operating system is running.
While examining the code of these backdoors, we discovered a third vulnerability: an SMM memory corruption inside the SW SMI handler function (CVE-2021-3972). It allows arbitrary read/write from/to SMRAM, which can lead to malicious code execution with SMM privileges and potentially to an implant in the SPI flash memory.
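As an added defensive example (not code from ESET or Lenovo), the following decodes the register and variable values these backdoors can alter, so a practitioner can verify a machine's state: the Intel PCH BIOS_CNTL and Protected Range bit layouts and the chipsec-style protection heuristic are assumptions to be checked against the platform datasheet, and the sample values are constructed.

```python
"""Decode the SPI flash write-protection registers and the UEFI SecureBoot
variable that the backdoors described above can switch off.  Added example,
not ESET's or Lenovo's code.  Register layouts follow the commonly documented
Intel PCH ones (assumption: BIOS_CNTL BIOSWE=bit0, BLE=bit1, SMM_BWP=bit5;
PRx base=bits 12:0, RPE=bit15, limit=bits 28:16, WPE=bit31); real values
would be read with a firmware inspection tool such as chipsec."""
from dataclasses import dataclass


@dataclass
class BiosCntl:
    bioswe: bool   # BIOS Write Enable: flash BIOS region writable when set
    ble: bool      # BIOS Lock Enable: setting BIOSWE triggers an SMI when set
    smm_bwp: bool  # SMM BIOS Write Protect: writes allowed only from SMM when set


def decode_bios_cntl(value: int) -> BiosCntl:
    return BiosCntl(bool(value & 1), bool(value >> 1 & 1), bool(value >> 5 & 1))


def decode_pr(value: int) -> dict:
    """One Protected Range register: a 4 KiB-granular flash range plus flags."""
    return {
        "base": (value & 0x1FFF) << 12,
        "limit": ((value >> 16) & 0x1FFF) << 12 | 0xFFF,
        "rpe": bool(value >> 15 & 1),   # Read Protection Enable
        "wpe": bool(value >> 31 & 1),   # Write Protection Enable
    }


def flash_write_protected(bios_cntl: int, prs: list) -> bool:
    """Heuristic modelled on open-source firmware checkers (assumption): the BIOS
    region counts as protected when BLE is set and writes are either confined
    to SMM or disabled, or when at least one PR register write-protects a range."""
    c = decode_bios_cntl(bios_cntl)
    cntl_ok = c.ble and (c.smm_bwp or not c.bioswe)
    return cntl_ok or any(decode_pr(p)["wpe"] for p in prs)


def secure_boot_enabled(efivar: bytes) -> bool:
    """efivarfs prefixes each variable with a 4-byte attribute word; the
    SecureBoot variable's data is a single byte that is 1 when enforcement is on."""
    return len(efivar) >= 5 and efivar[4] == 1


if __name__ == "__main__":
    # Constructed sample values: a locked-down state versus an unlocked one.
    print(flash_write_protected(0x2A, [0x8FFF0C00]))   # True
    print(flash_write_protected(0x01, [0x00000000]))   # False
    print(secure_boot_enabled(b"\x07\x00\x00\x00\x01"))  # True
```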
UEFI boot and runtime services provide the basic functions and data structures necessary for drivers and applications to do their jobs, including installing protocols, locating existing protocols, allocating memory, manipulating UEFI variables, etc. UEFI boot drivers and applications make extensive use of protocols. UEFI variables are a special firmware storage mechanism used by UEFI modules to store various configuration data, including the boot configuration.
SMM, on the other hand, is a highly privileged execution mode of x86 processors. Its code is written in the context of the system firmware and is typically used for various tasks, such as advanced power management, execution of OEM proprietary code, and secure firmware updates.
"All UEFI threats discovered in recent years, such as LoJax, MosaicRegressor, MoonBounce, ESPecter and FinSpy, need to bypass or disable security mechanisms in some way in order to be deployed and executed," says Smolár.
ESET Research urges all Lenovo laptop owners to check the list of affected devices and update their firmware by following the manufacturer's instructions.
For those using devices affected by the UEFI SecureBootBackdoor vulnerability (CVE-2021-3970) that are no longer supported and for which no patch is available, one possible protection against unwanted modification of the UEFI Secure Boot configuration is to use a TPM-aware full-disk encryption solution, which makes the data inaccessible when the UEFI Secure Boot configuration is changed.