BLOG

Securing the building blocks of embedded software

Co-authored by Sofia Tsagiopoulou

Embedded systems are special purpose systems that cover a wide range of applications, from home electronics and industrial control systems, to medical devices and avionics. The remote management & telemetry features of the so called "Internet of Things" family of embedded devices, have made them quite popular and their placement is almost ubiquitous. From a security standpoint, embedded software is not that different to software found in other domains. However, the criticality of its operation, its exposure on public networks, but also its security limitations make it a very attractive target for attackers. This article presents an overview of the building blocks of today's embedded software, analyses inherent weaknesses in the way this software is built and deployed, and highlights recent developments in the handling of the relevant risk.

Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)

CENSUS has been investigating for some time now the exploitation potential of Man-in-the-Disk (MitD) [01] vulnerabilities in Android. Recently, CENSUS identified two such vulnerabilities in the popular WhatsApp messenger app for Android [34]. The first of these was possibly independently reported to Facebook and was found to be patched in recent versions, while the second one was communicated by CENSUS to Facebook and was tracked as CVE-2021-24027 [33]. As both vulnerabilities have now been patched, we would like to share our discoveries regarding the exploitation potential of such vulnerabilities with the rest of the community.

Using program instrumentation to identify security bugs (Oπe\n conf 2020)

On November 7, 2020 I had the pleasure of doing a gentle introduction to program instrumentation to an audience of mostly developers at the "Oπe\n conf 2020" conference. The presentation showed how instrumentation could be used to identify security bugs in software, but also how to protect production binaries from exploitation through program instrumentation.

Emulating Hypervisors: a Samsung RKP case study (OffensiveCon 2020)

Hello, I'm Aris Thallas, a computer security researcher working at CENSUS. Back in February 2020 I had the pleasure of presenting my work on proprietary hypervisor emulation and bug discovery at the OffensiveCon 2020 conference.