Black Hat: If it’s smart, it’s vulnerable

There were many new attack methods on show at the Black Hat security conference. Optimism is the order of the day: software is becoming increasingly secure.


Mikko Hyppönen during his keynote speech at Black Hat 2025: He accompanied his optimistic presentation with an old floppy disk.

(Image: Lukas Grunwald / iX)

By Lukas Grunwald

As every year, the global security community met for the Black Hat Briefings in Las Vegas. The keynote speech was given by Mikko Hyppönen, former malware analyst at F-Secure and now at WithSecure. The Finn looked back on 30 years of malware and held up an old 5.25" floppy disk. He traced how teenagers once wrote boot sector viruses and how this evolved via cybercrime gangs into government malware.

Hyppönen is of the opinion that software is becoming more and more secure, but he has also coined the phrase "If it's smart, it's vulnerable": anything that is smart also has vulnerabilities, from the smartwatch to the smart city.

Incidentally, visitors were also able to follow his presentation in Spanish, Japanese, Mandarin, French and Korean thanks to the new simultaneous translation service. The reason for this is the high number of visitors from Asia; this year's speakers also include many from Asia and Israel.

Next, breaking out of a hypervisor guest: when VMware patched the virtual xHCI interface, it did not fix the vulnerability from 2023. Researchers Yuhao Jiang and Ziming Zhang from the ANT Group in China showed how to break out of a VMware guest system and gain access to the host by exploiting the use-after-free vulnerability in the VM's ring buffer. They also presented a VMkernel heap exploit; with matching shellcode from the VMware guest, they obtained a root SSH login on the ESXi server.

Once again, it is clear that VMs should be given only the virtual hardware they actually need. If you do not need USB, do not add virtual USB host controllers to guest systems.
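A small audit script that follows from this advice, added here as an example and not part of the article or of any VMware tooling: it parses .vmx files and lists every VM that still has a virtual USB controller enabled. It assumes the VMX keys usb.present, ehci.present and usb_xhci.present switch on the UHCI, EHCI and xHCI controllers; the sample configs are constructed.

```python
import re
from pathlib import Path
from typing import Dict, List

# Assumed VMX keys for the three virtual USB host controllers (UHCI, EHCI, xHCI).
# The xHCI controller is the one whose guest-facing interface was targeted in the talk.
USB_CONTROLLER_KEYS = {
    "usb.present": "USB 1.1 (UHCI)",
    "ehci.present": "USB 2.0 (EHCI)",
    "usb_xhci.present": "USB 3.x (xHCI)",
}

# A .vmx line looks like:  key = "value"
_VMX_LINE = re.compile(r'^\s*([\w.:]+)\s*=\s*"(.*)"\s*$')


def parse_vmx(text: str) -> Dict[str, str]:
    """Parse key = "value" lines of a .vmx file into a dict with lower-cased keys."""
    settings: Dict[str, str] = {}
    for line in text.splitlines():
        match = _VMX_LINE.match(line)
        if match:
            settings[match.group(1).lower()] = match.group(2)
    return settings


def enabled_usb_controllers(settings: Dict[str, str]) -> List[str]:
    """Return the names of the USB controllers that are switched on in a parsed VMX."""
    return [label for key, label in USB_CONTROLLER_KEYS.items()
            if settings.get(key, "FALSE").upper() == "TRUE"]


def audit_vmx_texts(vmx_by_name: Dict[str, str]) -> Dict[str, List[str]]:
    """Map VM name -> enabled USB controllers, listing only VMs that have at least one."""
    findings: Dict[str, List[str]] = {}
    for name, text in vmx_by_name.items():
        controllers = enabled_usb_controllers(parse_vmx(text))
        if controllers:
            findings[name] = controllers
    return findings


def audit_directory(root: str) -> Dict[str, List[str]]:
    """Audit every .vmx file below root (for example a mounted datastore)."""
    files = {p.stem: p.read_text(errors="replace") for p in Path(root).rglob("*.vmx")}
    return audit_vmx_texts(files)


# Constructed sample configs: one VM with UHCI + xHCI enabled, one with no USB controller.
SAMPLE_VMX = {
    "web01": 'displayName = "web01"\nusb.present = "TRUE"\nusb_xhci.present = "TRUE"\n',
    "db01": 'displayName = "db01"\nusb.present = "FALSE"\n',
}
```

Every VM that audit_directory reports is a candidate for removing the controller from its settings before the next maintenance window.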

Gal Elbaz, Avi Lumelsky and Uri Katz from Oligo Security wondered why almost all Apple devices can be reached locally on port 7000. The port is used by AirPlay and CarPlay to stream media to speakers or televisions. During their analysis, the researchers found hair-raising security vulnerabilities in the protocol, and, even worse, a zero-click RCE in the Apple SDK, i.e. a way to execute arbitrary program code without any user interaction. The SDK is used by device manufacturers to implement CarPlay and AirPlay.

It is particularly bad because the service announces itself on the local network via mDNS (multicast). The vulnerabilities enabled the researchers to obtain a root shell on a Bose speaker and then use it to break into a Panasonic car radio. This makes it possible to hop from one AirPlay or CarPlay device to the next.

The researchers also complained that Apple has a rate limit for submitting vulnerabilities: after 16 CVEs, a message says that further vulnerabilities can only be reported the next day. Apple worked with the researchers to quickly fix the vulnerabilities on iOS. So anyone who updates their Apple products is at least keeping those secure.

Cisco also quickly fixed the Apple SDK vulnerabilities. The situation is completely different for the more than 800 AirPlay devices from Asia, and the same applies to the many car radios that no longer receive updates.

Andres Riancho, Hillai Ben-Sasson and Ronen Shustin from Wiz showed how to quickly break out of an Nvidia container, which is often used by IaaS AI data centers based on Kubernetes. With some providers, they even managed to capture data from other customers.

Once again, this shows that if you want to make AI compliant with data protection regulations, there is no getting around having your own hardware. Rental infrastructure in the cloud is by no means secure and no customer data belongs there.


Kazuki Matsuo from FRRI presented how it is possible to reserve memory at the UEFI BIOS level in such a way that its contents remain in use even after the operating system has booted, and how UEFI functions such as URL and port access can then be carried out by the firmware in parallel with the operating system.

Intel had previously closed the SMM (System Management Mode) vulnerabilities that earlier UEFI BIOS malware exploited. However, Matsuo uses a new method to hide code in memory that the operating system no longer uses: that memory is simply no longer logically accessible to the OS.

In a live demo, he showed how these functions can be used to carry out socket communication despite a blocked port in the Defender firewall, completely bypassing the operating system. So even with UEFI malware, it remains an eternal game of cat and mouse.

Noam Moshe took a look at the Axis camera servers, specifically their protocols and authentication. He found an authentication bypass (CVE-2025-30026) that gave him full control over all cameras and the management server. All he had to do was append _/ to the URL, moving from the alternative port 55754 to the default protocol port. In addition, Axis devices also disclose host and NTLM information via the protocol.

He knocked on the door of numerous camera servers on the internet and found many schools, hospitals and companies where it is easy to gain full control over the cameras. After the USA, Germany is in second place for Axis systems that can be attacked in this way.

Once again, this indicates that IoT devices and cameras belong in a separate network, or at least in a VLAN behind a VPN and a hardware firewall, and not simply connected to the internet. Otherwise, you will quickly become an involuntary Big Brother for every hacker on the internet.

An overview of the Black Hat Briefings can be found here.

(vbr)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.