TID-215: Unencrypted SW/FW Updates
Threat Description
If a firmware/software update is not encrypted at rest in storage, it can be reverse engineered to identify potential vulnerabilities or to extract other information needed to protect devices (e.g., passwords, cryptographic keys). Firmware/software updates can often be downloaded directly from the Internet and reverse engineered; however, updates that are unencrypted in transit may also be intercepted and analyzed over-the-wire.
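A release-gate check for the condition described above, as an added example that is not part of the original page: it flags update images that start with a known container magic or contain low-entropy regions, both signs that the payload is readable as shipped. The function names, thresholds and sample images are assumptions constructed for illustration; high entropy alone does not prove encryption, since unrecognized compression looks the same.

```python
import gzip
import hashlib
import math

# Well-known magic bytes of formats that are readable without a key.
PLAINTEXT_MAGICS = {b"\x1f\x8b\x08": "gzip", b"\xfd7zXZ\x00": "xz", b"PK\x03\x04": "zip",
                    b"\x7fELF": "ELF", b"hsqs": "squashfs", b"\x27\x05\x19\x56": "uImage"}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, close to 8.0 for ciphertext."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def audit_update_image(blob: bytes, window: int = 4096, min_entropy: float = 7.5) -> list:
    """Return findings that suggest the image is not encrypted (hypothetical helper)."""
    findings = []
    for magic, name in PLAINTEXT_MAGICS.items():
        if blob.startswith(magic):
            findings.append(f"starts with {name} magic: packaged, not encrypted")
    # Score full windows only; a short tail scores low purely from sample size.
    for off in range(0, max(len(blob) - window, 0) + 1, window):
        h = shannon_entropy(blob[off:off + window])
        if h < min_entropy:
            findings.append(f"offset {off:#x}: entropy {h:.2f} bits/byte")
    return findings

# Constructed sample images (not real firmware).
PLAINTEXT_IMAGE = b"\x7fELF" + b"\x00" * 60 + b"service_password=EXAMPLE-ONLY\n" * 400
COMPRESSED_IMAGE = gzip.compress(PLAINTEXT_IMAGE)
# Stand-in for ciphertext: a SHA-256 counter stream, uniformly distributed bytes.
ENCRYPTED_LIKE_IMAGE = b"".join(
    hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(2048))

if __name__ == "__main__":
    for label, image in [("plaintext", PLAINTEXT_IMAGE), ("gzip", COMPRESSED_IMAGE),
                         ("encrypted-like", ENCRYPTED_LIKE_IMAGE)]:
        print(label, audit_update_image(image) or "no plaintext indicators")
```

An empty result means only that no plaintext indicator was found; confirming encryption still requires checking the build pipeline's signing and encryption steps.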
Threat Maturity and Evidence
Proof of Concept
Reverse Engineering Obfuscated Firmware for Vulnerability Analysis
Nozomi researchers demonstrated how the ability to reverse engineer firmware lets attackers find novel vulnerabilities, or the presence of older vulnerabilities, on a given device.
CWE
CWE-311: Missing Encryption of Sensitive Data
“The product does not encrypt sensitive or critical information before storage or transmission.”