3 min Security

Leaked key cripples Secure Boot on numerous PCs and servers

Leaked key cripples Secure Boot on numerous PCs and servers

A leaked private key compromised the protection of Secure Boot in 2022. Other keys were also explicitly declared unfit, but that did not stop OEMs from equipping hundreds of systems with them. The integrity of Secure Boot is compromised as a result.

Secure Boot runs at the UEFI (Unified Extensible Firmware Interface) level, the successor to the BIOS of old. Every desktop, laptop, server and countless embedded devices use it as the launchpad for operating systems. In addition to controlling all peripherals, the UEFI layer is crucial for platform security. The legitimate OS uses a private key for approval by Secure Boot. This so-called Platform Key is a root-of-trust key that must be kept secret from malware makers. That hasn’t worked out well, Binarly’s research shows.

“Holy grail”

Binarly calls Secure Boot the “holy grail” of platform security. Since 2014, boot security has barely evolved, the researchers argue. Intel Boot Guard, which also dates back to 2014, was found to have been compromised by a supply chain incident in 2023, Binarly research found. Earlier this year, the team discovered that one of the private keys related to the Platform Key used in numerous machines had been leaked. In many cases, the devices using this private key are very recent, Binarly reveals. An employee had posted the source code containing the Platform Key on GitHub. In it, the private component of the key was protected with a four-character password. That protection was cracked in no time.

In addition, it is very noteworthy that certain private keys are still being used. The certificate includes the terms “DO NOT TRUST” and “DO NOT SHIP”, indicating test keys that should not have been used in commercial products. On several occasions in recent years, users have publicly questioned on the Internet why their key was marked with a “DO NOT TRUST” label. The use of an “Untrusted AMI Test Certificate/Key” has been a documented vulnerability since 2016, CVE-2016-5247, as well. Thus, insecure keys have been swimming around for years.

Method of attack

An attack via “PKfail,” as Binarly describes the vulnerability, is relatively simple. “it relies on standard
tooling normally used to interact with Secure Boot,” the researchers said. An attacker must have privileged access to a system and have the private key of the Platform Key being used. From there, one can generate a new Key Exchange Key (KEK) and add the compromised private key to the KEK database. From that point on, a malicious person can sign their own code with signatures that are usually inaccessible.

For now, an exploitation of the vulnerability is only a proof-of-concept. It also appears that the leaked key on GitHub has hardly been seen. Still, it cannot be ruled out that a threat actor will one day exploit it. Users can check if they are vulnerable on their system via this link. This does require the user to upload a firmware binary.

Also read: Old encryption technique in RADIUS protocol opens doors for hackers