Security researchers working with NCC Group reported, in conformance with appropriate security disclosure protocols, two unpatched vulnerabilities in the U-Boot bootloader. Both were found in U-Boot's IP defragmentation algorithm: CVE-2022-30790, which leads to root access on the device and arbitrary code execution, and CVE-2022-30552, which leads to denial of service (DoS). U-Boot is an open-source bootloader found in a large number of Linux-based embedded systems, such as ChromeOS and Kindle devices. NCC Group has said it will not release the proof-of-concept (PoC) code until the U-Boot maintainers make the appropriate patches available.
There are no reports of these vulnerabilities being exploited in the wild. NCC Group is following secure disclosure protocols, so it is reasonable to expect that no such attempts will be made until after the patches are available and the PoC is disclosed. Organizations should deploy the patches as soon as the U-Boot group makes the fix available, as appropriate to their update cycle. This attack requires access to a local network and will therefore most likely be employed in privilege escalation attempts once an attacker has already secured access. Due to the escalating number of known and unknown vulnerabilities on modern computing systems, a defense-in-depth strategy utilizing post-exploitation detection approaches, such as those employed by Binary Defense’s MDR and Threat Hunting services, is highly recommended.