Today low-level firmware vulnerabilities are becoming more a focus than in the past, mainly due to the nature of having highest privilege on the system and due to the advanced security protection and mitigation that exist in the host Operating System (OS).
Intel has developed a security engine named CSME (Converged Security and Manageability Engine) that provides a key security value to the platform from start to enablement of the “Root of Trust” concept.
Continuous improvements have been made to the CSME firmware during the past few years that aim to make it more difficult to exploit common memory corruption issues and reduce complexity/privileges of some of the CSME firmware (FW) modules due to security issues published in previous years. We will describe how Intel CSME FW is mitigating these type of security challenges by applying industry standards mitigation tailored to the FW environment.
We will share deep technical detail on how other firmware environments can achieve the same results by applying the same technology and we will share the why of how we apply a feedback fuzzing and queue-management in a generic form, so it could be applied on any given existing fuzzer.
Shai Hasarfaty is a principal security research engineer, leading the Advanced Threat Research (ATR) team at Intel, driving and improving security designed and capabilities in Intel products. Shai has over than 15 years of experience in the world of security: Vulnerability detection, reverse engineering, exploit development, exploit mitigation and fuzzing. Shai also acts as Intel security trainer, delivering extensive classes on these topics.
Yanai Moyal is a security researcher working on Intel ME/CSME since day one back in 2005. He conducted security auditing of CSME FW/ROM design and implementation for past 10 years. Lately, he is in charge to design mitigation for internally / externally identified security issues, to further reduce privileges within CSME and also to harden CSME against future attacks.