Proceedings of the XXth Conference of Open Innovations Association FRUCT | |
UEFI BIOS and Intel Management Engine Attack Vectors and Vulnerabilities | |
Alexander Ogolyuk1  Andrey Sheglov1  Konstantin Sheglov1  | |
[1] Saint Petersburg National Research University of Information Technologies, Mechanics and Optics, St. Petersburg, Russia; | |
关键词: firmware; UEFI; BIOS; Intel Management Engine; SMM; | |
DOI : | |
来源: DOAJ |
【 摘 要 】
We describe principles and implementation details of UEFI BIOS attacks and vulnerabilities, suggesting the possible security enhancement approaches. We describe the hidden Intel Management Engine implementation details and possible consequences of its security possible discredit. Described breaches in UEFI and Intel Management Engine could possibly lead to the invention of "invulnerable" malicious applications. We highlight the base principles and actual state of Management Engine (which is a part of UEFI BIOS firmware) and its attack vectors using reverse engineering techniques.
【 授权许可】
Unknown