Unsigned Firmware Leaves Millions of Windows & Linux Systems Vulnerable

Researchers have discovered unsigned firmware in several system components, including WiFi adapters, USB hubs, trackpads and cameras, in machines from Lenovo, Dell, HP and other major manufacturers.
Because these components do not authenticate their firmware, an attacker who can rewrite it can compromise millions of Windows and Linux systems: exfiltrate data, disrupt operation, or implant malware.
Once a component's firmware is infected, the implant runs below the operating system and stays undetected by any software security control.
The root cause is that many peripheral devices never verify that a firmware image carries a valid signature from the vendor's public/private key pair before they run the code.
These components therefore have no way to establish that the firmware they load is authentic and trusted.
An attacker can take advantage of this by simply writing a malicious (or merely vulnerable) firmware image to the device, which trusts it blindly and executes it.
As a result, unsigned firmware in WiFi adapters, USB hubs, trackpads, laptop cameras and network interface cards gives an attacker multiple paths to compromise laptops and servers.
Researchers describe a simple but powerful attack scenario:
a malicious firmware implant in a network adapter lets an attacker sniff, copy, redirect or alter traffic, enabling data theft, man-in-the-middle and other attacks.
Researchers from Eclypsium documented vulnerable firmware in several products, including Lenovo and Dell laptops and a USB adapter.
They analyzed a Lenovo ThinkPad X1 Carbon 6th Gen laptop and examined the firmware of two of its components.
Both firmware images have an insecure update mechanism: no cryptographic signature is verified before an update is applied.
This potentially allows an attacker to modify the firmware images in software and run arbitrary malicious code inside these components.
A firmware update for an HP component was distributed unencrypted and without authenticity checks.
The image itself carries no cryptographic signature or other authenticity information, so nothing on the device side can tell a genuine update from a modified one.
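The update path described for the ThinkPad components and the HP update, and the general failure mode explained above (a device that accepts any well-formed image because it never verifies a signature), can be modelled in a few dozen lines. The following is an added example, not code from Eclypsium or from any vendor; the image format, the 512-bit textbook RSA vendor key and the two device-side update handlers are all hypothetical, and the sample firmware payloads are constructed for the demonstration.

```python
"""Toy model of a peripheral firmware-update path, with and without
signature verification.  Added example: the image layout, the RSA helper
and both update handlers are constructed for illustration and are not any
vendor's real update protocol."""
import hashlib
import secrets
import struct
import zlib

MAGIC = b"FW01"
HEADER = struct.Struct("<4sHII")   # magic, version, payload_len, crc32(payload)


# ---- minimal textbook RSA (hypothetical vendor key, no PKCS#1 padding) ----
def is_probable_prime(n, rounds=40):
    """Miller-Rabin with trial division by a few small primes first."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    """Random odd candidate with the top bit set, until one is probably prime."""
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c):
            return c


def rsa_keygen(bits=512):
    """Return ((n, d), (n, e)): private key first, public key second."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and phi % e:          # e is prime, so this is gcd(e, phi) == 1
            return (n, pow(e, -1, phi)), (n, e)


def sig_len(key):
    return (key[0].bit_length() + 7) // 8


def rsa_sign(priv, data):
    """Sign SHA-256(data); the 256-bit digest is always below the 512-bit modulus."""
    n, d = priv
    h = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(h, d, n).to_bytes(sig_len(priv), "big")


def rsa_verify(pub, data, sig):
    n, e = pub
    if len(sig) != sig_len(pub):
        return False
    h = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(int.from_bytes(sig, "big"), e, n) == h


# ---- firmware image: header | payload | signature over header+payload ----
def build_image(payload, version, priv):
    hdr = HEADER.pack(MAGIC, version, len(payload), zlib.crc32(payload))
    return hdr + payload + rsa_sign(priv, hdr + payload)


def tamper(image, new_payload):
    """Attacker swaps the payload and fixes up the CRC; the old signature is kept."""
    magic, version, plen, _ = HEADER.unpack_from(image)
    hdr = HEADER.pack(magic, version, len(new_payload), zlib.crc32(new_payload))
    return hdr + new_payload + image[HEADER.size + plen:]


def parse(image):
    """Format and CRC checks only; returns (signed_region, payload, trailer) or None."""
    if len(image) < HEADER.size:
        return None
    magic, _, plen, crc = HEADER.unpack_from(image)
    end = HEADER.size + plen
    if magic != MAGIC or len(image) < end:
        return None
    payload = image[HEADER.size:end]
    if zlib.crc32(payload) != crc:
        return None
    return image[:end], payload, image[end:]


def insecure_update(image):
    """Update path as described on the page: anything well-formed is accepted."""
    return parse(image) is not None


def secure_update(image, pub):
    """Hardened path: the device holds the vendor public key and checks the signature."""
    parts = parse(image)
    if parts is None:
        return False
    signed_region, _, sig = parts
    return rsa_verify(pub, signed_region, sig)


# Constructed sample: a genuine image and the same image after an attacker edit.
VENDOR_PRIV, VENDOR_PUB = rsa_keygen()
GENUINE = build_image(b"genuine touchpad firmware v1.2 (constructed sample)", 0x0102, VENDOR_PRIV)
IMPLANT = tamper(GENUINE, b"implant: persist and exfiltrate (constructed sample)")

if __name__ == "__main__":
    for name, img in (("genuine", GENUINE), ("implant", IMPLANT)):
        print(f"{name:8} crc-only device accepts: {insecure_update(img)!s:5}  "
              f"signature-checking device accepts: {secure_update(img, VENDOR_PUB)}")
```

The CRC-only handler accepts the implant just as readily as the genuine image, because the attacker can recompute the CRC; only the handler that verifies a signature against a key the attacker does not hold rejects it. A real device would additionally need to protect the stored public key (or its hash) from the same attacker, which is why it belongs in ROM or fuses rather than in the rewritable firmware region.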
The researchers also demonstrated modifying the firmware of the WiFi adapter in a Dell XPS 15 9560 laptop running Windows 10.
As shipped, the adapter's firmware image is correctly signed as part of the driver package, and Windows shows the small certificate icon on the file.
After the researchers modified the image, that icon disappears because the file-level signature no longer verifies; the adapter itself performs no check of its own, so nothing stops the modified image from being loaded.
Researchers also tested unsigned firmware in a network interface card (NIC) built on the Broadcom BCM5719 chipset, which is commonly used in current-generation servers from multiple manufacturers.
In this demonstration they intercepted the contents of BMC network packets passing through the NIC, handed those contents to malware running on the host, and were also able to modify BMC traffic in transit.
These flaws show that unsigned firmware can lead to loss of data, integrity and privacy, and can let an attacker gain privileges and hide from traditional security controls.