Intel confirms leaked Alder Lake BIOS Source Code is authentic


Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers.

Alder Lake is the name of Intel’s 12th generation Intel Core processors, released in November 2021.

On Friday, a Twitter user named ‘freak’ posted links to what was said to be the source code for Intel Alder Lake’s UEFI firmware, which they claim was released by 4chan.

The link led to a GitHub repository named ‘ICE_TEA_BIOS’ that was uploaded by a user named ‘LCFCASD.’ This repository contained what was described as the ‘BIOS Code from project C970.’

Leaked Alder Lake BIOS source code
Source: BleepingComputer

The leak contains 5.97 GB of files, source code, private keys, change logs, and compilation tools, with the latest timestamp on the files being 9/30/22, likely when a hacker or insider copied the data.

BleepingComputer has been told that all the source code was developed by Insyde Software Corp, a UEFI system firmware development company.

The leaked source code also includes various references to Lenovo, including code for integrations with ‘Lenovo String Service’, ‘Lenovo Secure Suite’, and ‘Lenovo Cloud Support.’

At this time, it is unclear whether the source code was stolen during a cyberattack or leaked by an insider.

However, Intel has confirmed to Tom’s Hardware that the source code is authentic and is its “proprietary UEFI code.”

“Our proprietary UEFI code seems to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them to our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.” – Intel spokesperson.

Security researchers concerned

While Intel has downplayed the security risks of the source code leak, security researchers warn that the contents could make it easier to find vulnerabilities in the code.

“The attacker/bug hunter can massively benefit from the leaks even if leaked OEM implementation is only partially employed in the production,” explains hardware security firm Hardened Vault.

“The Insyde’s solution can help the security researchers, bug hunters (and the attackers) find the vulnerability and understand the result of reverse engineering easily, which adds up to the long-term high risk to the users.”

Positive Technologies hardware researcher Mark Ermolov also warned that the leak included a KeyManifest private encryption key, a private key used to secure Intel’s Boot Guard platform.


Although it is not clear whether the leaked private key is used in production, if it is, hackers could potentially use it to modify the boot policy in Intel firmware and bypass hardware security.

BleepingComputer has contacted Intel, Insyde, and Lenovo with questions about the leak and whether the private keys were used in production.

We will update this article with any responses as we learn more.
