LogoFAIL
   HOME

TheInfoList



Click Here for Items Related To - LogoFAIL
OR:
LogoFAIL on:   [Wikipedia]   [Google]   [Amazon]

LogoFAIL is a
security vulnerability Vulnerabilities are flaws or weaknesses in a system's design, implementation, or management that can be exploited by a malicious actor to compromise its security. Despite a system administrator's best efforts to achieve complete correctness, vir ...
and exploit thereof that affects computer motherboard firmware with
TianoCore EDK II TianoCore EDK II (formerly Tiano) is the reference implementation of UEFI by Intel. EDK is the abbreviation for EFI Development Kit and is developed by the TianoCore community. TianoCore EDK II is the de facto standard generic UEFI services imple ...
, including Insyde Software's InsydeH2O modules and similar code in AMI and Phoenix firmware, which are commonly found on both
Intel Intel Corporation is an American multinational corporation and technology company headquartered in Santa Clara, California, and Delaware General Corporation Law, incorporated in Delaware. Intel designs, manufactures, and sells computer compo ...
and
AMD Advanced Micro Devices, Inc. (AMD) is an American multinational corporation and technology company headquartered in Santa Clara, California and maintains significant operations in Austin, Texas. AMD is a hardware and fabless company that de ...
motherboards, and which enable loading of custom boot logos. The exploit was discovered in December 2023 by researchers at Binarly.


Description

The vulnerability exists when the Driver Execution Environment (DXE) is active after a successful Power On Self Test (POST) in the
UEFI Unified Extensible Firmware Interface (UEFI, as an acronym) is a Specification (technical standard), specification for the firmware Software architecture, architecture of a computing platform. When a computer booting, is powered on, the UEFI ...
firmware (also known as the BIOS). The UEFI's boot logo is replaced with the exploit payload at this point, and the exploit can then take control of the system.


Patches

Intel patched the issue in
Intel Management Engine The Intel Management Engine (ME), also known as the Intel Manageability Engine, is an autonomous subsystem that has been incorporated in virtually all of Intel's processor chipsets since 2008. It is located in the Platform Controller Hub of m ...
(ME) version 16.1.30.2307 in December 2023. AMD addressed the problem in AGESA version 1.2.0.b, although some motherboard manufacturers did not include the fix under AGESA 1.2.0.c.


External links


CVE-2023-40238Binarly analysis of LogoFAIL


References

2024 in computing Computer security exploits X86 architecture {{computer-security-stub