A team of ethical hacking specialists from Eclypsium security firm has revealed a report describing a critical vulnerability present in the design of software used in modern drivers that, if exploited, would allow threat actors to get high privileges that would guarantee them unrestricted access to hardware.
Reports claim that more than 40 hardware manufacturers could be affected by the vulnerability, including big names in the industry like Asus, Realtek, Gigabyte, AMD, Intel and Toshiba.
According to ethical hacking experts, the vulnerability, present in all modern versions of Windows, is a clear example of a fundamental problem in the certification process of Microsoft drivers, as all components potentially compromised were certified by this tech giant.
“A vulnerable driver could allow any threat actor to escalating privileges on the compromised device, so we notify Microsoft expecting the corresponding patches to be released as soon as possible,” the experts in charge of the investigation said. This firm specializes in software for protection against firmware-based attacks.
After the list of vulnerable manufacturers was publicly disclosed, an Intel spokesperson mentioned that the company has already issued a security alert through the Intel Processor Diagnostic Tool, recommending users upgrade their systems to the most recent version. Apparently not all companies were aware of this situation, as seems to be the case with AMD, which did not comment on it until a few hours ago, through its blog.
Ethical hacking experts mentioned that these findings could hinder firmware security efforts in the future, as there is no universal mechanism to prevent these security risks on all drivers available on the market. “This could create a window of opportunity for hackers, as it gives them the ability to corrupt any component or collect information for long periods of time without being detected,” the experts added.
As a precautionary measure, ethical hacking experts from the International Institute of Cyber Security (IICS) recommend performing periodic firmware scans and upgrading each time manufacturers release new patches and software versions. Firmware integrity monitoring is also vital, as it helps detect unauthorized changes or anomalies before problems grow to such point.