Exploiting Undocumented Hardware Blocks in the LPC55S69 Microcontroller #ReverseEngineering

Oxide Computer was designing a new computer system from the ground up. Along the way they carefully reviewed all hardware selected to ensure it meets functional and security needs. This work includes reverse engineering where necessary to get a full understanding of the hardware. During the process of reverse engineering the NXP LPC55S69 ROM, they discovered an undocumented hardware block intended to allow NXP to fix bugs discovered in the ROM by applying patches from on-device flash as part of the boot process.

Unfortunately, this undocumented block is left open and accessible by non-secure, unprivileged user code thus allowing attackers to make runtime modifications to purportedly trusted APIs, allowing them to potentially hijack future execution and subvert multiple security boundaries. This issue has been assigned CVE-2021-31532.

Read more including POC code in the post.

Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Join 30,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org

Maker Business — The Defense Production Act and the global supply chain

Wearables — Feathers from leather

Electronics — Get Oriented!

Python for Microcontrollers — Python on Microcontrollers Newsletter: Events, Projects, and much more! #Python #Adafruit #CircuitPython @micropython @ThePSF

Adafruit IoT Monthly — No-Code IoT with WipperSnapper, Beaming Internet across the Congo, and more!

Microsoft MakeCode — MakeCode Thank You!

EYE on NPI — Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — JP’s Product Pick of the Week 10/19/21 DRV2506L Haptic Motor Controller @adafruit @johnedgarpark #adafruit #newproductpick

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !

No Comments

No comments yet.

Sorry, the comment form is closed at this time.

Filed under: microcontrollers, reverse engineering
Tags: , — by Anne Barela

Comments Off on Exploiting Undocumented Hardware Blocks in the LPC55S69 Microcontroller #ReverseEngineering