Exploiting Undocumented Hardware Blocks in the LPC55S69 Microcontroller #ReverseEngineering

Oxide Computer was designing a new computer system from the ground up. Along the way they carefully reviewed all hardware selected to ensure it meets functional and security needs. This work includes reverse engineering where necessary to get a full understanding of the hardware. During the process of reverse engineering the NXP LPC55S69 ROM, they discovered an undocumented hardware block intended to allow NXP to fix bugs discovered in the ROM by applying patches from on-device flash as part of the boot process.

Unfortunately, this undocumented block is left open and accessible by non-secure, unprivileged user code thus allowing attackers to make runtime modifications to purportedly trusted APIs, allowing them to potentially hijack future execution and subvert multiple security boundaries. This issue has been assigned CVE-2021-31532.

Read more including POC code in the post.

Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Join 28,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org

Maker Business — Peloton to break ground at a new manufacturing campus in Ohio

Wearables — A costume and a photo op

Electronics — Ew! Sticky!

Python for Microcontrollers — Python on Microcontrollers Newsletter: New CircuitPython Releases, RP2040 Singles and more! #Python #Adafruit #CircuitPython @micropython @ThePSF

Adafruit IoT Monthly — Toddler Clock, Predictive Weather Station, and more!

Microsoft MakeCode — Arcade Beginner Skillmap

EYE on NPI — Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 06/09/21 feat. #Adafruit #Trinkey #QT2040 – RP2040 USB Key with Stemma QT!

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !

No Comments

No comments yet.

Sorry, the comment form is closed at this time.

Filed under: microcontrollers, reverse engineering
Tags: , — by Anne Barela

Comments Off on Exploiting Undocumented Hardware Blocks in the LPC55S69 Microcontroller #ReverseEngineering