TID-211: Device Allows Unauthenticated Firmware Installation
Threat Description
If a device does not have a mechanism to authenticate firmware updates, a threat actor may be able to install malicious or corrupt firmware on the device. In such cases, an adversary may craft a customized or maliciously modified firmware update package that the device, provided the package is properly formed, will install without challenge. The unauthorized firmware could then be used to (i) “brick” the device and prevent it from being reset, (ii) install malicious logic on the device, including to gain persistence, or (iii) enable access that eases reverse engineering of the device to identify remotely exploitable vulnerabilities, depending on how the firmware was formed and how the target device responds to it. Devices that perform only error checking of update packages prior to installation (e.g., parity checks, hash checks without a cryptographic signature, etc.) will be susceptible to this threat.
This threat also includes any firmware authentication mechanisms that are not enforced on the device. If devices don’t check firmware integrity/download command authenticity on-device, threat actors may be able to falsely attest that their firmware is secure, thereby bypassing firmware integrity checks. One mechanism through which threat actors could perform this action is by taking advantage of a device’s reliance on a separate management device or service to check firmware. Threat actors may be able to spoof the management device firmware check and successfully initiate a malicious firmware download.
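The difference between error checking and on-device authentication described above, shown as an added example that is not part of the original entry or any vendor's code. The package layout, the function names and the RSA demo key (built from two public Mersenne primes, so it is not secure) are assumptions made for illustration.

```python
import hashlib

# Constructed demo key built from two Mersenne primes so the example is
# reproducible offline. The factors are public, so it is NOT a secure key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the vendor only
K = (N.bit_length() + 7) // 8      # signature length in bytes
DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256

def encode(image):
    """PKCS#1 v1.5 signature encoding of SHA-256(image)."""
    t = DIGESTINFO + hashlib.sha256(image).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def vendor_sign(image):
    return pow(int.from_bytes(encode(image), "big"), D, N).to_bytes(K, "big")

def build_package(image, signature=b""):
    """Hypothetical layout: 4-byte length | image | SHA-256 | signature."""
    return len(image).to_bytes(4, "big") + image + hashlib.sha256(image).digest() + signature

def parse(pkg):
    n = int.from_bytes(pkg[:4], "big")
    image, digest, sig = pkg[4:4 + n], pkg[4 + n:36 + n], pkg[36 + n:]
    if len(pkg) < 36 or len(image) != n or len(digest) != 32:
        raise ValueError("truncated package")
    return image, digest, sig

def integrity_only_accepts(pkg):
    """Error checking only: anyone who edits the image can recompute this hash."""
    image, digest, _ = parse(pkg)
    return hashlib.sha256(image).digest() == digest

def authenticated_accepts(pkg):
    """On-device check: hash must match AND the signature must verify under (N, E)."""
    image, digest, sig = parse(pkg)
    if hashlib.sha256(image).digest() != digest or len(sig) != K:
        return False
    s = int.from_bytes(sig, "big")
    return s < N and pow(s, E, N).to_bytes(K, "big") == encode(image)

def demo():
    good = b"FW v1.0 (constructed sample image)"
    altered = b"FW v1.0 (constructed sample image, modified)"
    signed = build_package(good, vendor_sign(good))
    rehashed = build_package(altered, vendor_sign(good))  # hash redone, old signature reused
    return [(integrity_only_accepts(p), authenticated_accepts(p)) for p in (signed, rehashed)]
```

Because `authenticated_accepts` runs on the device itself, a package that arrives without a valid signature is rejected regardless of what a management station reports about it.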
Threat Maturity and Evidence
Observed Adversary Behavior
EQUATION GROUP: QUESTIONS AND ANSWERS
“Although the implementation of their malware systems is incredibly complex, surpassing even Regin in sophistication, there is one aspect of the EQUATION group’s attack technologies that exceeds anything we have ever seen before. This is the ability to infect the hard drive firmware… The plugin supports two main functions: reprogramming the HDD firmware with a custom payload from the EQUATION group, and providing an API into a set of hidden sectors (or data storage) of the hard drive. This achieves several important things:
- Extreme persistence that survives disk formatting and OS reinstall.
- An invisible, persistent storage hidden inside the hard drive.”
ATT&CK Technique: System Firmware (T0857)
Procedure Example: 2015 Ukraine Electric Power Attack (C0028)
“During the 2015 Ukraine Electric Power Attack, Sandworm Team overwrote the serial-to-ethernet gateways with custom firmware to make systems either disabled, shutdown, and/or unrecoverable.”
Proof of Concept
On the recent vulnerability in Diebold Nixdorf ATMs
Researchers from Positive Technologies were able to demonstrate that it was possible to exploit a vulnerability that allowed them to upload valid firmware without a valid encryption key. From there, attackers or researchers would be able to modify the ATM firmware however they like.
CWE
CWE-306: Missing Authentication for Critical Function
“The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.”
CVE
Rockwell Automation Micrologix Remote Code Execution - CVE-2015-6492
Researchers at CyberX Threat Intelligence developed custom firmware that allowed them to perform memory dumps. Through these memory dumps, they were able to find memory vulnerabilities that allowed them to develop remote code execution exploits for Rockwell Automation Micrologix controllers. They were then able to upload malicious firmware to the device.