Threat Category: Supply Chain
ID: SPC-11
Threat Description: An adversary with access to download and update system software installs a BIOS containing known vulnerabilities for future exploitation. [1]
Threat Origin
Supply Chain Attack Framework and Attack Patterns [1]
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
System maintenance processes for highly sensitive components such as the BIOS should require dual authentication, reducing the likelihood that a single adversary can introduce malware.
Utilize systems with boot validation and attestation to verify that only genuine boot code is executed during system start-up, halting start-up if integrity verification for any component fails.
References