Low Level BootROM Protocol Fuzzing Secure Memory Regions

Explore low-level BootROM protocol fuzzing and secure memory region vulnerabilities in this 44-minute conference talk from Hack In The Box Security Conference. Dive into the world of secure microcontrollers, their BootROM functions, and the challenges of identifying vulnerabilities in these heavily hardened systems. Learn about a custom fuzzing framework developed for low-level protocols like SPI, I2C, USB, and UART, and discover how it uncovered memory corruption vulnerabilities in BootROM USB device driver stacks. Gain insights into the importance of fuzzing techniques for embedded systems security, the disclosure process for identified vulnerabilities, and potential applications of this approach to other secure elements and devices.

Intro
Microcontroller BootROM Functions
BootROM Security Functions What different vendor provide
Microcontroller Use cases
Microcontroller Peripherals API's
Less focus on Microcontroller Fuzzing?
Need for fuzzing low level Protocols in Mc
Fuzzing Reach
Vulnerabilities found on Modern Microcontrollers
USB 101 -Enumeration Steps
Fuzzing Setup
USB device stack Vulnerability - CVE details
Conclusion & Next Steps