BINARLY has identified six critical vulnerabilities in U-Boot, an open-source bootloader integral to many devices, including routers and smart cameras. These flaws range from allowing arbitrary code execution during boot image verification to causing denial-of-service conditions. The vulnerabilities have been present since version v2013.07, affecting over 50 stable releases. Malicious exploitation of these flaws could compromise devices early in the boot process, making detection difficult. Patches have been accepted and should be applied by organizations utilizing U-Boot in their devices.
UBoot flaws put routers, cameras at risk of early boot attacks
CyberSIXT Evidence Panel
Primary Source
binarly.io
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
UBoot flaws put routers, cameras at risk of early boot attacks
securityaffairs.com
-
Six U Boot flaws leave embedded devices open to boot time attacks
thehackernews.com