so.cl

Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others' company. Arthur Schopenhauer


In October of 2022, Intel’s Alder Lake BIOS source code was leaked online. The leaked code consisted of firmware components that originated from three sources:

  • The independent BIOS vendor (IBV) named Insyde Software,
  • Intel’s proprietary Alder Lake BIOS reference code,
  • The Tianocore EDK2 open-source UEFI reference implementation.

I obtained a copy of the leaked code and began to hunt for vulnerabilities. This writeup focuses on the vulnerabilities that I found and reported to Insyde Software. These bugs span various System Management Mode (SMM) modules, including:

  • Insyde H2O Internal Soft-SMI Interface (IHISI) dispatcher
  • Flash BIOS Through SMI (FBTS) handlers
  • BIOS Guard SMI handlers

Stepping Insyde System Management Mode