search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Insecure Platform Key (PK) used in UEFI system firmware signature

Vulnerability Note VU#455367

Original Release Date: 2024-08-30 | Last Revised: 2024-08-30

Overview

A vulnerability in the user of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security mechanisms like Secure Boot, compromising the trust between the platform owner and firmware and enabling manipulation of sensitive system settings.

Description

The UEFI standard establishes trust relationships using Public Key Infrastructure (PKI) between the platform owner, the platform firmware, and the operating system. Central to this process is the Platform Key (PK), which is designed to secure the connection between the platform owner and the platform firmware.

The platform owner enrolls the public half of the key (PKpub) into the platform firmware. The platform owner can later use the private half of the key (PKpriv) to change platform ownership or to enroll a Key Exchange Key. For UEFI, the recommended Platform Key format is RSA-2048. (Section 7.2.1 of the UEFI 2.3.1 Errata C standard)

The PKFail vulnerability highlights a critical flaw in the UEFI ecosystem. While the Platform Key is expected to originate from the Original Equipment Manufacturer (OEM) using a secure hardware security module (HSM), in practice, much of the UEFI software and drivers are developed by a complex network of supply-chain partners and Independent BIOS Vendors (IBVs). These components are often shared across multiple OEMs. In some cases, temporary test software keys, or "softkeys," which are hard-coded for ease of build and testing, inadvertently make their way into production firmware.

These softkeys, intended solely for compatibility testing and performance evaluation, are supposed to be untrusted and restricted in their usage. The current UEFI's key verification process is limited - it only checks against the keys in the local database, with no verification against the root Certificate Authority (CA) or special validation of extended attributes. Although keys cannot be self-signed, the lack of stringent verification allows these untrusted keys to be mistakenly included in production firmware.

Recent audits have uncovered that many OEM devices shipped with hard-coded, untrusted keys in their production UEFI firmware. Despite these keys often having attributes like "DO NOT TRUST," there is no programmatic safeguard or other validations (say attribute-based) to prevent their inclusion in final products. The compromise or leak of these private keys could have bad consequences, allowing attackers to sign malicious modules that execute with high privileges during the boot process, even if Secure Boot is enabled. This undermines the very purpose of signed software verification, leaving systems vulnerable to untrusted and malicious modules.

Compounding the issue, UEFI firmware is largely invisible to most Endpoint Detection and Response (EDR) software, making it difficult to audit and detect the use of compromised keys. Moreover, many UEFI implementations lack Remote Measurement or Auditing capabilities that could dynamically check the integrity of the key database via network resources.

Impact

An attacker with access to an undesired-yet-trusted test Platform Key's private portion can exploit it to sign malicious UEFI software, enabling the execution of code with the highest privileges during the early boot phases of a UEFI Secure Boot-protected system. A successful attack could lead to the following impacts:

  • Invalidation or bypass of UEFI security features like SecureBoot.
  • Installation of persistent software that cannot be easily detected or erased, that can also persist across reboots and potentially surviving OS reinstalls.
  • Creation of backdoors and back communications channels to exfiltrate sensitive data.
  • Interruption of system execution leading to device damage or permanent shutdown.

Solution

  • Update UEFI Firmware: Ensure you install the latest stable version of UEFI firmware provided by your PC vendor or the reseller of your computing environment. Refer to the Vendor Information section below for specific resources and updates from vendors addressing these vulnerabilities.
  • Use Researcher Tools for Impact Assessment: Utilize tools and information provided by Binarly to assess the impact of untrusted Platform Keys on your systems. These resources can help you conduct a thorough analysis of affected systems.
  • Leverage Automatic Firmware Updates: If your operating system supports automatic or managed firmware updates (e.g., Linux Vendor Firmware Service, LVFS), regularly check for updates using fwupdmgr get-updates and apply them with fwupdmgr update or use Windows OEM supported mechanisms as appropriate. Keeping your firmware up to date is crucial in mitigating the risks associated with PKfail.

Acknowledgements

Thanks to Binarly for disclosing this vulnerability. This document was written by Vijay Sarvepalli.

Vendor Information

455367
 

Fujitsu Europe Affected

Notified:  2024-08-06 Updated: 2024-08-30

Statement Date:   August 26, 2024

CVE-2024-8105 Affected

Vendor Statement

Fujitsu is aware of the vulnerabilities in AMI Aptio V ("PKfail").

Affected products are Fujitsu datacenter server devices.

The Fujitsu PSIRT (Europe) released FJ-ISS-2024-072412 on https://security.ts.fujitsu.com (Security Notices) accordingly; see https://security.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-FJ-ISS-2024-072412-Security-Notice.pdf

In case of questions regarding this Fujitsu PSIRT Security Notice, please contact the Fujitsu PSIRT (Europe) (Fujitsu-PSIRT@fujitsu.com).

References

Intel Affected

Notified:  2024-05-23 Updated: 2024-08-30

Statement Date:   August 26, 2024

CVE-2024-8105 Affected

Vendor Statement

"Our investigation of the claim has determined that the products listed are no longer supported by Intel. Please see Intel's public statement at the link below."

References

Supermicro Affected

Notified:  2024-05-23 Updated: 2024-08-30

Statement Date:   July 02, 2024

CVE-2024-8105 Affected

Vendor Statement

The problem was fixed and the latest BIOS versions don't have the issue; however, it was previously affected.

References

American Megatrends Incorporated (AMI) Not Affected

Notified:  2024-05-23 Updated: 2024-08-30

Statement Date:   May 29, 2024

CVE-2024-8105 Not Affected

Vendor Statement

AMI provides test keys for development enablement purposes, not for production/manufacturing purposes.

Insyde Software Corporation Not Affected

Notified:  2024-07-29 Updated: 2024-08-30

Statement Date:   July 29, 2024

CVE-2024-8105 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Phoenix Technologies Not Affected

Notified:  2024-07-29 Updated: 2024-08-30

Statement Date:   August 26, 2024

CVE-2024-8105 Not Affected

Vendor Statement

Phoenix technologies is not affected by the specific instance of an insecure PK. All Independent Firmware Vendors have had this problem, with a OEM/ODM partner not replacing test keys with valid keys, at one time or another. The UEFI Security Sub-team is discussing additional mitigations that may be used across the industry to limit the occurrences of this issue and better detect it when it does happen. Phoenix will continue to participate in these discussions and will implement their mitigation suggestions.

GIGABYTE Unknown

Notified:  2024-05-23 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Acer Unknown

Notified:  2024-05-23 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aopen Unknown

Notified:  2024-08-26 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell Unknown

Notified:  2024-05-23 Updated: 2024-08-30

Statement Date:   July 19, 2024

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

Formelife Unknown

Notified:  2024-08-26 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fujitsu HQ Unknown

Notified:  2024-05-23 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hewlett Packard Enterprise Unknown

Notified:  2024-05-23 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

HP Inc. Unknown

Notified:  2024-05-23 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lenovo Unknown

Notified:  2024-05-23 Updated: 2024-08-30

CVE-2024-8105 Unknown

Vendor Statement

We have not received a statement from the vendor.

View all 15 vendors View less vendors


Other Information

CVE IDs: CVE-2024-8105
API URL: VINCE JSON | CSAF
Date Public: 2024-07-25
Date First Published: 2024-08-30
Date Last Updated: 2024-08-30 13:58 UTC
Document Revision: 1

Sponsored by CISA.