Overview
Explore a critical security vulnerability in Silicon Labs' Gecko platform in this 36-minute conference talk from Ekoparty 2023. Dive into the intricacies of over-the-air (OTA) firmware updates and discover how a flaw in the Gecko SDK's update mechanism can be exploited to bypass Secure Boot and firmware signature verification. Learn about the fuzzing techniques used to uncover the vulnerability, and gain insights into the challenges of exploiting embedded systems. Follow the speaker's journey from identifying the weakness to successfully compromising the Secure Boot mechanism, highlighting the potential risks for a wide range of connected devices built on Silicon Labs' chips.
Syllabus
Breaking Secure Boot on the Silicon Labs Gecko platform - Sami Babigeon - Ekoparty 2023
Taught by
Ekoparty Security Conference