{"id":30869,"date":"2024-11-26T05:00:00","date_gmt":"2024-11-26T02:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=30869"},"modified":"2024-11-26T14:57:37","modified_gmt":"2024-11-26T11:57:37","slug":"kaspersky-ics-cert-mut%c9%99x%c9%99ssisl%c9%99ri-unisoc-cipl%c9%99rind%c9%99-kritik-bosluqlar-askar-edib","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=30869","title":{"rendered":"Kaspersky ICS CERT m\u00fct\u0259x\u0259ssisl\u0259ri \u201cUnisoc\u201d \u00e7ipl\u0259rind\u0259 kritik bo\u015fluqlar a\u015fkar edib"},"content":{"rendered":"\n

Kaspersky ICS CERT m\u00fct\u0259x\u0259ssisl\u0259ri \u201cUnisoc\u201d \u00e7ipl\u0259rind\u0259 kritik bo\u015fluqlar a\u015fkar edib<\/strong><\/p>\n\n\n\n

Haz\u0131rda onlar\u0131 aradan qald\u0131rmaq \u00fc\u00e7\u00fcn yenil\u0259m\u0259l\u0259r burax\u0131l\u0131b.<\/em><\/p>\n\n\n\n

\u201cCVE-2024-39432\u201d v\u0259 \u201cCVE-2024-39431\u201d identifikatorlar\u0131 t\u0259yin edilmi\u015f bo\u015fluqlar \u201cUnisoc\u201d \u00e7ipl\u0259rind\u0259 a\u015fkar edilib. Bu \u00e7ipl\u0259r Rusiya, Asiya, Afrika v\u0259 Lat\u0131n Amerikas\u0131nda geni\u015f istifad\u0259 olunur v\u0259 smartfonlar, plan\u015fetl\u0259r, avtomobill\u0259r v\u0259 telekommunikasiya avadanl\u0131qlar\u0131nda t\u0259tbiq edilir. A\u015fkar edil\u0259n bo\u015fluqlar t\u0259hl\u00fck\u0259sizlik t\u0259dbirl\u0259rind\u0259n ke\u00e7m\u0259y\u0259 v\u0259 SoC (System on Chip) daxilind\u0259ki modem vasit\u0259sil\u0259 t\u0259tbiq prosessoruna (Application Processor) icaz\u0259siz uzaqdan giri\u015f \u0259ld\u0259 etm\u0259y\u0259 imkan yarad\u0131r. Detallar Balid\u0259 ke\u00e7irilmi\u015f beyn\u0259lxalq \u201cSecurity Analyst Summit\u201d konfrans\u0131nda t\u0259qdim edilib.<\/p>\n\n\n

\n
\"\"<\/figure><\/div>\n\n\n

Kaspersky ICS CERT m\u00fct\u0259x\u0259ssisl\u0259ri konfransda t\u0259cav\u00fczkarlar\u0131n t\u0259tbiq prosessorunda i\u015fl\u0259y\u0259n \u0259m\u0259liyyat sisteminin m\u00fcdafi\u0259 mexanizml\u0259rind\u0259n yan ke\u00e7\u0259, onun n\u00fcv\u0259sin\u0259 uzaqdan daxil ola, \u0259m\u0259liyyat sisteminin n\u00fcv\u0259 s\u0259viyy\u0259sind\u0259 icaz\u0259siz kod i\u015fl\u0259d\u0259 v\u0259 ist\u0259nil\u0259n sistem fayllar\u0131n\u0131 modifikasiya ed\u0259 bildikl\u0259rini n\u00fcmayi\u015f etdiribl\u0259r. M\u00fct\u0259x\u0259ssisl\u0259r bir ne\u00e7\u0259 h\u00fccum vektorunu, o c\u00fcml\u0259d\u0259n, yadda\u015fa birba\u015fa giri\u015f (DMA) kontrolleri il\u0259 manipulyasiya texnikalar\u0131n\u0131 ara\u015fd\u0131r\u0131blar. Bu texnikalar yadda\u015f m\u00fcdafi\u0259 modulu (MPU) kimi m\u00f6vcud m\u00fcdafi\u0259 t\u0259dbirl\u0259rind\u0259n yan ke\u00e7m\u0259y\u0259 imkan verir. Bu metod Kaspersky m\u00fct\u0259x\u0259ssisl\u0259rinin 2023-c\u00fc ild\u0259 a\u015fkar etdiyi “Triangulation” \u0259m\u0259liyyat\u0131 zaman\u0131 t\u0259tbiq edilmi\u015f taktikaya b\u0259nz\u0259yir. Bel\u0259 y\u00fcks\u0259k m\u00fcr\u0259kk\u0259blik v\u0259 pe\u015f\u0259karl\u0131q t\u0259l\u0259b ed\u0259n metodlardan yaln\u0131z ciddi texniki bacar\u0131qlara v\u0259 resurslara malik olan kibercinay\u0259tkarlar istifad\u0259 ed\u0259 bil\u0259rl\u0259r.<\/p>\n\n\n\n

\u201cUnisoc\u201d \u00e7ipl\u0259ri geni\u015f yay\u0131l\u0131b v\u0259 a\u015fkar edilmi\u015f bo\u015fluqlardan h\u0259m f\u0259rdi istifad\u0259\u00e7il\u0259r, h\u0259m d\u0259 h\u0259ssas cihazlara malik t\u0259\u015fkilatlar z\u0259r\u0259r g\u00f6r\u0259 bil\u0259r. Kritik sah\u0259l\u0259rd\u0259, m\u0259s\u0259l\u0259n, n\u0259qliyyat v\u0259 telekommunikasiya sektorlar\u0131nda istifad\u0259 olunan h\u0259ssas cihazlara h\u00fccumlar yaln\u0131z h\u00fccuma m\u0259ruz qalan m\u00fc\u0259ssis\u0259l\u0259r\u0259 b\u00f6y\u00fck ziyan vurmaqla qalm\u0131r, h\u0259m d\u0259 iqtisadiyyat\u0131n bir \u00e7ox dig\u0259r sektorlar\u0131 \u00fc\u00e7\u00fcn infrastruktura t\u0259sir ed\u0259n ciddi n\u0259tic\u0259l\u0259r\u0259 s\u0259b\u0259b ola bil\u0259r.<\/p>\n\n\n\n

“\u00c7ipl\u0259rin t\u0259hl\u00fck\u0259sizliyi m\u00fcr\u0259kk\u0259b m\u00f6vzudur v\u0259 mikrosxeml\u0259rin layih\u0259l\u0259ndirilm\u0259sind\u0259, eyni zamanda \u00e7ipi istifad\u0259 ed\u0259n son m\u0259hsulun arxitekturas\u0131nda kiberriskl\u0259r n\u0259z\u0259r\u0259 al\u0131nmal\u0131d\u0131r. Bir \u00e7ox \u00e7ip istehsal\u00e7\u0131lar\u0131 intellektual m\u00fclkiyy\u0259tl\u0259rini qorumaq \u00fc\u00e7\u00fcn prosessorlar\u0131n\u0131n daxili qurulu\u015fu v\u0259 i\u015f prinsipi bar\u0259d\u0259 m\u0259lumatlar\u0131n m\u0259xfiliyini \u00f6n planda tutur. Bu ba\u015fa d\u00fc\u015f\u00fcl\u0259ndir, lakin qapal\u0131 arxitektura v\u0259 s\u0259n\u0259dl\u0259\u015fdirilm\u0259mi\u015f funksionall\u0131q \u00e7ox vaxt t\u0259tbiqd\u0259ki s\u0259hvl\u0259r\u0259 v\u0259 bazara \u00e7\u0131xar\u0131ld\u0131qdan sonra aradan qald\u0131r\u0131lmas\u0131 \u00e7\u0259tin olan t\u0259hl\u00fck\u0259sizlik probleml\u0259rin\u0259 s\u0259b\u0259b olur. Ara\u015fd\u0131rmam\u0131z g\u00f6st\u0259rir ki, \u00e7ip istehsal\u00e7\u0131lar\u0131 il\u0259 son m\u0259hsul istehsal\u00e7\u0131lar\u0131 v\u0259 kibert\u0259hl\u00fck\u0259sizlik m\u00fct\u0259x\u0259ssisl\u0259rinin birg\u0259 \u0259m\u0259kda\u015fl\u0131\u011f\u0131 vacibdir. Bu, potensial bo\u015fluqlar\u0131 erk\u0259n m\u0259rh\u0259l\u0259l\u0259rd\u0259 a\u015fkar etm\u0259y\u0259 v\u0259 onlar\u0131n gec a\u015fkar olunaraq kibercinay\u0259tkarlar t\u0259r\u0259find\u0259n istismar edilm\u0259 riskini azaltma\u011fa k\u00f6m\u0259k ed\u0259c\u0259k,” – dey\u0259 Kaspersky ICS CERT-in r\u0259hb\u0259ri Yevgeni Qon\u00e7arov bildirib.<\/p>\n\n\n\n

Kaspersky \u201cUnisoc\u201da t\u0259hl\u00fck\u0259sizliy\u0259 proaktiv yana\u015fmas\u0131 v\u0259 istifad\u0259\u00e7il\u0259rini qorumaq \u0259zmin\u0259 g\u00f6r\u0259 t\u0259\u015f\u0259kk\u00fcr edir. Bo\u015fluqlar bar\u0259d\u0259 bildiri\u015f ald\u0131qdan sonra \u201cUnisoc\u201d \u015firk\u0259ti y\u00fcks\u0259k operativlik n\u00fcmayi\u015f etdir\u0259r\u0259k a\u015fkar edilmi\u015f probleml\u0259rin aradan qald\u0131r\u0131lmas\u0131 \u00fc\u00e7\u00fcn q\u0131sa m\u00fcdd\u0259t \u0259rzind\u0259 t\u0259hl\u00fck\u0259sizlik d\u00fcz\u0259li\u015fl\u0259ri haz\u0131rlay\u0131b v\u0259 yay\u0131mlay\u0131b.<\/p>\n\n\n\n

Kaspersky ICS CERT komandas\u0131 cihaz istehsal\u00e7\u0131lar\u0131na v\u0259 istifad\u0259\u00e7il\u0259rin\u0259 a\u015fkar edilmi\u015f bo\u015fluqlardan istifad\u0259 edil\u0259n h\u00fccumlar\u0131n riskini azaltmaq \u00fc\u00e7\u00fcn bu yenil\u0259m\u0259l\u0259ri d\u0259rhal qura\u015fd\u0131rma\u011f\u0131 t\u00f6vsiy\u0259 edir. Lakin SoC aparat arxitekturas\u0131n\u0131n x\u00fcsusiyy\u0259tl\u0259ri modemd\u0259 bu n\u00f6vd\u0259n olan yeni z\u0259iflikl\u0259rin a\u015fkar edilm\u0259si hal\u0131nda bu tip h\u00fccumlar\u0131n qar\u015f\u0131s\u0131n\u0131 bird\u0259f\u0259lik alma\u011fa imkan vermir. M\u00fct\u0259x\u0259ssisl\u0259r proqram t\u0259minat\u0131nda edil\u0259n d\u00fcz\u0259li\u015fl\u0259rl\u0259 yana\u015f\u0131 \u0259lav\u0259 m\u00fcdafi\u0259 t\u0259dbirl\u0259rini d\u0259 \u0259hat\u0259 ed\u0259n \u00e7oxs\u0259viyy\u0259li t\u0259hl\u00fck\u0259sizlik yana\u015fmas\u0131ndan istifad\u0259 etm\u0259yi t\u00f6vsiy\u0259 edirl\u0259r.<\/p>\n\n\n\n

Kibert\u0259hl\u00fck\u0259l\u0259rd\u0259n, bo\u015fluqlardan istifad\u0259 edil\u0259n h\u00fccumlardan qorunmaq \u00fc\u00e7\u00fcn Kaspersky \u015firk\u0259tl\u0259r\u0259 t\u00f6vsiy\u0259 edirl\u0259r:<\/p>\n\n\n\n