Overview
Explore a comprehensive breakdown of Azure Sphere IoT platform security in this 38-minute conference talk from Nullcon International Security Conference March 2021. Dive into Microsoft's approach to IoT security, examining lightweight security features in the custom SoC and patched Linux kernel. Learn about the Azure Sphere Security Research Challenge and discover 16 vulnerabilities identified by Cisco Talos, including a privilege escalation chain. Gain insights into IoT security, vulnerability research, and the specific challenges posed by Azure Sphere's architecture. Follow the speaker's journey through various security aspects, from app manifests to unsigned code execution and privilege escalation techniques.
Syllabus
Intro
The Azure Sphere Security Research Challenge ASSF
Azure Sphere Overview
App_manifest.json
For the Managers
For the Nerds
ASSRC Program Scope
Cool Vulns Discovered
READ_IMPLIES_EXEC
Unsigned Code Execution - PACKET_MMAP
The Escalation Chain - ASXipFS
The Escalation Chain - /dev/mtdblock1
The Escalation Chain - /mnt/config/uid_map
The Escalation Chain - Ptrace & Caps
Taught by
nullcon