Threat Category: Boot firmware
ID: STA-15
Threat Description: Malicious actors can use an unlocked bootloader to gain root access to phones and to launch attack code. These vulnerabilities would allow an attacker to execute arbitrary code as part of the bootloader, compromising the entire chain of trust. [1]
Threat Origin
Not Applicable, See Exploit or CVE Examples
Exploit Examples
Xiaomi Locks Mi Devices’ Bootloaders On Fears Of Malware And Security Risks: Up To 21 Days To Unlock [2]
CVE Examples
Not Applicable
Possible Countermeasures
Educate users of the risks of unlocking the device bootloader.
Use EMM/MDM solutions or on-device agents that can potentially detect rooted or jail-broken devices and subsequently block access to enterprise resources.
Mobile App Developer
To mitigate the potential of accessing sensitive data or functionality on rooted or jail-broken devices, leverage device attestation APIs to determine that the device is in a known-good state prior to executing sensitive actions.
References
[1] B. Brenner, “Fur flies over Android bootloader flaws: here’s what you need to know,” Naked Security, blog, 6 Sep. 2017; https://nakedsecurity.sophos.com/2017/09/06/fur-flies-over-android-bootloader-flaws-heres-what-you-need-to-know [accessed 12/02/2019]
[2] M. Mendoza, “Xiaomi Locks Mi Devices’ Bootloaders On Fears Of Malware And Security Risks: Up To 21 Days To Unlock,” Tech Times, 20 Jan. 2016; www.techtimes.com/articles/125681/20160120/xiaomi-locks-mi-devices-bootloaders-on-fears-of-malware-and-security-risks-up-to21-days-to-unlock.htm [accessed 8/26/2016]