Security researchers have discovered that hundreds of models from top manufacturers, including Lenovo, Dell, HP, HPE, Supermicro, Intel, MSI, and Gigabyte, are using a test platform key generated by American Megatrends International (AMI). This key was likely included in AMI’s reference implementation and clearly labelled as not to be trusted and unfit for deployment.
The implications? Any device using the test security key is vulnerable to PKfail. This firmware supply-chain issue allows any attacker with access to the private part of the key to easily bypass Secure Boot by manipulating the Key Exchange Key (KEK) database, the Signature Database (db), and the Forbidden Signature Database (dbx). The issue is cross-silicon, meaning it affects both ARM and x86 processors across Windows and Linux machines.
In simple terms, exploiting PKfail allows attackers to run untrusted code, whether malware, ransomware, or any other potentially malicious code, during the boot process despite Secure Boot being enabled. This means that malware can get access to your system before the OS or any security programs have had the chance to start.
Breaking Secure Boot
The shocking discovery was made by security researchers at Binarly. The key in question, generated by AMI, was likely included in their reference implementations with the expectation that “it would be replaced with another safely generated key by downstream entities in the supply chain.” Even the signature of the key in question clearly states “DO NOT TRUST”, as the key is meant for tests and is expected to be replaced by a more secure key generated by the device manufacturer.
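A defender can check a Linux machine for the "DO NOT TRUST" label described above. The following is an added example, not code from this article or from Binarly: it parses the Platform Key variable's signature list and searches each certificate for the marker. It assumes the standard efivarfs path for PK and that the label appears as a plain string in the certificate bytes; `build_sample` and its values are constructed test input.

```python
import struct
import uuid

# efivarfs path of the Platform Key on Linux (EFI global variable GUID).
PK_PATH = "/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
MARKER = "DO NOT TRUST"  # label the article says the test key carries

def iter_x509_entries(blob):
    """Yield (owner_guid, cert_bytes) for each X.509 entry in EFI_SIGNATURE_LIST data."""
    off = 0
    while off + 28 <= len(blob):
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < 28 or sig_size <= 16 or off + list_size > len(blob):
            raise ValueError("malformed EFI_SIGNATURE_LIST")
        pos, end = off + 28 + hdr_size, off + list_size
        while pos + sig_size <= end:
            if sig_type == EFI_CERT_X509_GUID:
                owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
                yield owner, blob[pos + 16:pos + sig_size]
            pos += sig_size
        off += list_size

def has_test_marker(cert):
    """True if the marker occurs as ASCII/UTF-8 or UTF-16BE text, case-insensitively."""
    upper = cert.upper()  # bytes.upper() only changes ASCII letters
    return MARKER.encode("ascii") in upper or MARKER.encode("utf-16-be") in upper

def check_pk(efivar_bytes):
    """Take raw efivarfs content (4-byte attributes + data); return owners of flagged certs."""
    return [str(owner) for owner, cert in iter_x509_entries(efivar_bytes[4:])
            if has_test_marker(cert)]

def build_sample(subject):
    """Constructed input: one signature list holding a placeholder (not real DER) cert."""
    fake_cert = b"\x30\x82" + subject.encode("ascii") + b"\x00" * 8
    sig = uuid.UUID("11111111-2222-3333-4444-555555555555").bytes_le + fake_cert
    lst = EFI_CERT_X509_GUID.bytes_le + struct.pack("<III", 28 + len(sig), 0, len(sig)) + sig
    return b"\x27\x00\x00\x00" + lst  # attribute prefix as efivarfs presents it

if __name__ == "__main__":
    try:
        with open(PK_PATH, "rb") as fh:
            hits = check_pk(fh.read())
        print("PK carries test marker:" if hits else "No test marker found in PK", hits)
    except OSError as exc:
        print("Cannot read PK (not booted via UEFI, or no permission):", exc)
```

A clean result only rules out the marker string; the vendor's firmware advisories remain the authoritative source on whether a given model is affected.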

To understand the full scope of the problem, Binarly scanned an internal dataset of UEFI images representative of the UEFI ecosystem, containing tens of thousands of images released in the last decade by all major device vendors. Their findings? More than 10 per cent of all firmware in their dataset uses an untrusted platform key. The first firmware vulnerable to PKfail was released in May 2012, with the latest released in June 2024, making this one of the longest-lasting supply-chain vulnerabilities, spanning over 12 years.
Overall, Binarly researchers found 22 unique untrusted keys in use, affecting almost 900 devices, which are listed in their BRLY-2024-005 advisory. That said, the link Binarly provided to the advisory in their announcement seems to have been either broken or taken down at the time of writing.
Discovering the private components of these platform keys isn’t a very difficult endeavour either. Researchers found the private component of one such key in a data leak where an ODM employee published source code containing the private key on a public GitHub repository. The private key was stored in an encrypted file protected with a weak four-character password, easily cracked with any password-cracking or brute-forcing tool.