Key material extraction from SE through malicious firmware
Description
Key material extraction from the secure element (SE) through malicious firmware
CWE
CVE
Attack Surfaces
Non-Volatile Memory (MITRE EMB3D PID-3122)
Firmware RoT (MITRE EMB3D PID-25)
Attack Vectors
Malicious Firmware (MITRE EMB3D TID-203)
Vulnerable Firmware Image
Memory Corruption
NVM Tampering
Defenses
Key storage, Physical memory protection, Physical memory attribution, Machine mode access only
Secure Boot Verification, Secure Boot, Code Signing, Secure Boot Keys
Firmware Integrity Checks, Integrity Verification, Digital Signatures, Hash Functions
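Worked example (added here; it is not part of the original catalog entry and not code from MITRE EMB3D or any RISC-V project): a host-testable C model of how the "Physical memory protection" and "Machine mode access only" defenses above are expressed on a RISC-V core. The boot ROM programs PMP entries so that the SE command window is reachable only from M-mode and the raw key-storage window is locked away from every mode, including M-mode, until reset; the check function models what hardware does on each access. The addresses, region sizes, entry indices and the mailbox/key-window split are assumptions chosen for illustration; on real hardware the returned pmpaddr/pmpcfg values are written with csrw from early M-mode firmware.

```c
/* Added example: RISC-V PMP encoding and access check, modelled on the host.
 * Memory map below is an assumption for illustration only. */
#include <stdint.h>
#include <stdbool.h>

#define PMP_R        (1u << 0)
#define PMP_W        (1u << 1)
#define PMP_X        (1u << 2)
#define PMP_A_OFF    (0u << 3)
#define PMP_A_TOR    (1u << 3)
#define PMP_A_NA4    (2u << 3)
#define PMP_A_NAPOT  (3u << 3)
#define PMP_L        (1u << 7)   /* lock: entry binds M-mode too, immutable until reset */

enum priv { PRIV_U = 0, PRIV_S = 1, PRIV_M = 3 };

struct pmp_entry { uint64_t addr; uint8_t cfg; };  /* pmpaddrN, pmpcfg byte N */

/* NAPOT encoding: pmpaddr = base >> 2 with the low (log2(size) - 3) bits set.
 * size must be a power of two >= 8 and base must be size-aligned. */
uint64_t pmp_napot_addr(uint64_t base, uint64_t size)
{
    if (size < 8 || (size & (size - 1)) || (base & (size - 1)))
        return 0;  /* invalid request; a real boot ROM would halt here */
    return (base >> 2) | ((size >> 3) - 1);
}

/* Decode a NAPOT pmpaddr and test whether [a, a+len) lies entirely inside it.
 * Accesses are assumed not to straddle an entry boundary. */
static bool napot_match(uint64_t pmpaddr, uint64_t a, uint64_t len)
{
    int t = 0;
    while (t < 60 && ((pmpaddr >> t) & 1)) t++;       /* trailing ones */
    uint64_t size = 8ULL << t;                          /* 2^(t+3) bytes */
    uint64_t base = (pmpaddr & ~((2ULL << t) - 1)) << 2;
    return a >= base && a + len <= base + size;
}

/* Model of the hardware check: lowest-numbered matching entry decides.
 * perm is one of PMP_R, PMP_W, PMP_X. */
bool pmp_check(const struct pmp_entry *tab, int n, enum priv mode,
               uint64_t addr, uint64_t len, uint8_t perm)
{
    for (int i = 0; i < n; i++) {
        uint8_t a = tab[i].cfg & 0x18;
        bool hit = false;
        if (a == PMP_A_NAPOT) {
            hit = napot_match(tab[i].addr, addr, len);
        } else if (a == PMP_A_NA4) {
            uint64_t base = tab[i].addr << 2;
            hit = addr >= base && addr + len <= base + 4;
        } else if (a == PMP_A_TOR) {
            uint64_t lo = i ? tab[i - 1].addr << 2 : 0, hi = tab[i].addr << 2;
            hit = addr >= lo && addr + len <= hi;
        }
        if (!hit) continue;
        if (mode == PRIV_M && !(tab[i].cfg & PMP_L))
            return true;                 /* unlocked entry: M-mode bypasses it */
        return (tab[i].cfg & perm) == perm;
    }
    return mode == PRIV_M;               /* no match: M-mode succeeds, S/U-mode fails */
}

/* Assumed memory map: SE command mailbox, SE key-storage NVM window, DRAM. */
#define SE_MAILBOX_BASE   0x10000000ULL   /* 4 KiB, M-mode only */
#define SE_KEYSTORE_BASE  0x20000000ULL   /* 64 KiB, no hart may read it after boot */
#define DRAM_BASE         0x80000000ULL   /* 1 GiB, S/U-mode RWX */

/* Boot-ROM policy for the SE: returns the number of entries written. */
int configure_se_pmp(struct pmp_entry *tab)
{
    /* Entry 0: no R/W/X and L clear -> S/U denied, trusted M-mode firmware allowed. */
    tab[0].addr = pmp_napot_addr(SE_MAILBOX_BASE, 4096);
    tab[0].cfg  = (uint8_t)PMP_A_NAPOT;
    /* Entry 1: no R/W/X and L set -> denied for every mode, including M-mode,
     * and the entry cannot be rewritten by later (possibly malicious) firmware. */
    tab[1].addr = pmp_napot_addr(SE_KEYSTORE_BASE, 65536);
    tab[1].cfg  = (uint8_t)(PMP_A_NAPOT | PMP_L);
    /* Entry 2: general-purpose DRAM for the OS and applications. */
    tab[2].addr = pmp_napot_addr(DRAM_BASE, 1ULL << 30);
    tab[2].cfg  = (uint8_t)(PMP_A_NAPOT | PMP_R | PMP_W | PMP_X);
    return 3;
}

/* Convenience wrapper: apply the policy above and check one access. */
bool se_access_allowed(enum priv mode, uint64_t addr, uint64_t len, uint8_t perm)
{
    struct pmp_entry tab[3];
    int n = configure_se_pmp(tab);
    return pmp_check(tab, n, mode, addr, len, perm);
}
```

Two points worth noting from the model: an unlocked entry is a boundary for S/U-mode only, so "Machine mode access only" relies on Secure Boot Verification to guarantee that what runs in M-mode is the firmware that was signed; the locked entry is what survives a compromised M-mode image, since a lock cannot be cleared without a reset and the boot ROM re-applies it on every boot.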