Researchers conducting a routine security audit recently discovered two serious security flaws in a popular brand of System on a Chip (SoC) boards. The vulnerabilities undermine the boards' secure boot capabilities. Most concerning, the SoC is deployed in several critical components used in mainstream industry segments such as automotive, aviation, consumer electronics, and even industrial and military equipment. If successfully compromised, the SoC board could easily serve as a platform to launch sophisticated and sustained attacks on some of the most critical infrastructure.
Security researchers with Inverse Path, F-Secure’s hardware security team, discovered two security flaws in a popular SoC brand that undermine its secure boot capabilities. While one can be addressed, both vulnerabilities are currently unpatched. The SoC board is widely preferred for its versatility and robust hardware, but the vulnerabilities could pose serious security threats. According to the research team, the flaws exist in the ‘Encrypt Only’ secure boot mode of the SoC.