Showing Posts About
Firmware protection
- 13 Sep 2023
Guiding black-box CAN fuzzing with electromagnetic side-channel analysis
An electromagnetic side-channel analysis technique is introduced for guiding black-box CAN fuzzing in automotive Electronic Control Units (ECUs). The method helps identify valid CAN message IDs by analyzing electromagnetic emissions during message processing. This approach improves fuzzing effectiveness when detailed system documentation is unavailable.
-
Ken Gannon - 21 Apr 2022
Faking Another Positive COVID Test
A vulnerability was discovered in the Cue Health Home COVID-19 Test that allows manipulation of Bluetooth-transmitted test results. By exploiting weaknesses in the device's Protobuf communication protocol, test results could be changed from negative to positive. A Frida script was developed to intercept and modify Bluetooth packets, successfully altering the test outcome.
-
Andrea Barisani - 11 Feb 2020
TamaGo
TamaGo is a Go-based framework for developing secure embedded system firmware without C dependencies or complex operating systems. It provides a minimal runtime with direct hardware drivers for specific System-on-Chip platforms, enabling Go applications to run directly on bare metal hardware. The framework aims to reduce firmware attack surfaces by eliminating traditional low-level code complexities.
- 8 Jan 2015
CVE-2014-8272: A Case of Weak Session-ID in Dell iDRAC
A vulnerability in Dell iDRAC's IPMI v1.5 implementation allows unauthenticated attackers to predict session IDs. The weak session ID generation mechanism enables attackers to inject arbitrary commands into privileged sessions by exploiting predictable session identification. The vulnerability potentially allows privilege escalation across different IPMI communication channels.