Lenovo has patched a trio of firmware vulnerabilities that could be exploited for UEFI attacks. The three vulnerabilities could be used to deploy SPI flash implants and bypass Secure Boot.
ESET has discovered and reported three vulnerabilities in the Lenovo notebook BIOS. CVE-2021-3970: A potential vulnerability in the LenovoVariable SMI Handler due to insufficient validation in some Lenovo Notebook models could allow an attacker with local access and elevated privileges to run arbitrary code. CVE-2021-3971: A potential vulnerability caused by a driver used during legacy manufacturing processes on some Lenovo consumer notebook devices being incorrectly included in the BIOS image could allow an attacker with elevated privileges to modify the firmware protection scope by modifying an NVRAM variable. CVE-2021-3972: A potential vulnerability in a driver used during the manufacturing process on some Lenovo consumer notebook devices that was inadvertently not disabled could allow an attacker with elevated privileges to
The backdoors are Lenovo’s own and should only be accessible during manufacturing. Due to an error, however, they were included in the BIOS images that were delivered to customers.
Attackers can abuse these affected firmware drivers to disable SPI flash protection (BIOS control register bits and protected range registers) or the UEFI Secure Boot feature directly from a privileged user-mode process while the operating system is running. These vulnerabilities would allow attackers to deploy and successfully run SPI flash or ESP implants such as LoJax or ESPecter, the recently discovered Unified Extensible Firmware Interface (UEFI) malware, on the affected devices.
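A defender's view of the protections named above, as an added example that is not code from the article, ESET or Lenovo: it takes a snapshot of the BIOS control register and protected range (PRx) registers and decides whether the SPI flash BIOS region is still write-protected. Bit layouts follow the Intel PCH SPI interface; the register values and BIOS region bounds are constructed samples.

```python
# Added example (not from the article, ESET or Lenovo): evaluate whether the
# SPI flash BIOS region is still write-protected by the two mechanisms the
# article names, BIOS control register bits and protected range registers.
# Bit layouts follow the Intel PCH SPI interface; all values are constructed.

BIOSWE = 1 << 0   # BIOS Write Enable: 1 means the BIOS region is writable
BLE = 1 << 1      # BIOS Lock Enable: setting BIOSWE raises an SMI
SMM_BWP = 1 << 5  # SMM BIOS Write Protect: writes allowed only from SMM


def decode_pr(value):
    """Decode one PRx register into (write_protect_enabled, base, limit)."""
    wpe = bool((value >> 31) & 1)
    limit = (((value >> 16) & 0x1FFF) << 12) | 0xFFF   # PRL, bits 28:16
    base = (value & 0x1FFF) << 12                       # PRB, bits 12:0
    return wpe, base, limit


def bios_write_protected(bios_cntl, pr_regs, bios_base, bios_limit):
    """Return (protected, findings) for the BIOS region [bios_base, bios_limit]."""
    findings = []
    protected = False
    locked = not (bios_cntl & BIOSWE) and bool(bios_cntl & BLE)
    if locked and bios_cntl & SMM_BWP:
        findings.append("BIOS_CNTL: BIOSWE=0 BLE=1 SMM_BWP=1 (locked)")
        protected = True
    elif locked:
        # BLE alone depends on the SMI handler re-clearing BIOSWE; treated
        # conservatively as not locked so the weak state is surfaced.
        findings.append("BIOS_CNTL: BLE set but SMM_BWP clear (weak lock)")
    else:
        findings.append("BIOS_CNTL: BIOS region writable from the OS")
    for i, reg in enumerate(pr_regs):
        wpe, base, limit = decode_pr(reg)
        if wpe and base <= bios_base and limit >= bios_limit:
            findings.append(f"PR{i}: write-protects {base:#x}-{limit:#x}")
            protected = True
    return protected, findings


if __name__ == "__main__":
    # Constructed snapshots: a healthy machine, and one after both protections
    # have been cleared the way the article describes.
    region = (0x800000, 0xFFFFFF)
    healthy = bios_write_protected(BLE | SMM_BWP, [0x8FFF0800], *region)
    cleared = bios_write_protected(BIOSWE, [0x0FFF0800], *region)
    for label, (ok, notes) in (("healthy", healthy), ("cleared", cleared)):
        print(label, "protected" if ok else "EXPOSED", notes)
```

On real hardware the register values would come from a firmware-security tool that reads the PCH SPI registers; the logic here only evaluates a snapshot already obtained.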
In UEFI cyber-attacks, malicious code is loaded onto a compromised device early in the boot process. The malware can manipulate configuration data, achieve persistence, and potentially bypass security measures that are not loaded until the operating system stage.
On Tuesday, ESET stated that the vulnerabilities affect “more than a hundred different laptop models with millions of users worldwide” caused by drivers intended only to be used during Lenovo’s product development phase.
The list of affected products includes IdeaPads, Legion gaming machines, and Flex and Yoga laptops.
The first vulnerability, CVE-2021-3970, affects the SW SMI handler function. This SMM memory corruption issue, caused by improper input validation, allows attackers to read and write SMRAM, which could enable the execution of malicious code with SMM privileges and the deployment of SPI flash implants.
“SMM is a highly privileged execution mode of x86 processors,” the researchers explain. “SMM code is written in the context of the system firmware and is typically used for a variety of tasks, including advanced power management, execution of OEM proprietary code, and secure firmware updates. It provides an independent execution environment that is completely invisible to the running operating system.”
The other two vulnerabilities, CVE-2021-3971 and CVE-2021-3972, are related to drivers named SecureBackDoor and SecureBackDoorPeim.
Lenovo describes the first vulnerability as “a potential vulnerability through a driver used during legacy manufacturing processes on some Lenovo consumer notebook devices that have been incorrectly included in the BIOS image, which could allow an elevated attacker to [modify the] firmware protection scope by changing an NVRAM variable.”
The second issue is a “potential vulnerability through a driver used during the manufacturing process on some Lenovo consumer notebook devices that were inadvertently not disabled [and] could allow an attacker with elevated privileges to change the Secure Boot settings by modifying an NVRAM variable.”
When queried by Lenovo software, the drivers could be abused to disable Flash Protection and UEFI Secure Boot. Attackers with a high enough privilege level can exploit CVE-2021-3971 to change UEFI firmware settings, and CVE-2021-3972 requires manipulation of NVRAM variables to deploy malicious implants.
ESET reported the three vulnerabilities to Lenovo on October 11, 2021.
It is recommended that users patch their firmware immediately. Lenovo has published an advisory and alternative workarounds for users who cannot apply the patches.
However, not all affected devices will receive updates, since some are legacy products that are no longer supported. For those devices, ESET recommends using TPM-aware disk encryption software that makes the data inaccessible if the UEFI Secure Boot configuration has been tampered with.
“All real-world UEFI threats discovered in recent years – LoJax, MosaicRegressor, MoonBounce, ESPecter, FinSpy – had to bypass or disable security mechanisms in some way in order to deploy and run,” said ESET researcher Martin Smolár, who discovered the vulnerabilities. “Our discovery shows that in some cases, deploying UEFI threats is not as difficult as expected, and the larger number of real-world UEFI threats discovered in recent years indicates that attackers are aware of this.”