Vulnerability Detail Report
- ZDID: ZD-2017-00386
- Vendor: 盛微先進科技股份有限公司 (Savitech)
- Title: Savitech drivers silently install certificate in trusted root certificate authorities store [CVE-2017-9758]
- Introduction: All known Windows driver packages distributed to multiple vendors by the Taiwanese digital audio chip maker Savitech include a Windows PE file that silently installs a self-signed certificate into the Trusted Root Certification Authorities store of the user's computer, prior to the driver installation.
- 2017/05/05 15:26:15 : New submission (status updated by n3kt0n)
- 2017/05/05 21:06:02 : Review complete (updated automatically by the HITCON ZeroDay platform)
- 2017/05/12 18:33:37 : Vendor not responding (status updated by the HITCON ZeroDay service team)
- 2017/05/12 18:33:38 : Vendor not responding (status updated by the HITCON ZeroDay service team)
- 2017/06/13 14:33:13 : Patch in progress (status updated by the HITCON ZeroDay service team)
- 2017/07/05 03:00:09 : Published (updated automatically by the HITCON ZeroDay platform)
- 2017/07/05 03:27:23 : Patched (status updated by the HITCON ZeroDay service team)
- 2017/07/05 03:33:06 : Patched (status updated by the HITCON ZeroDay service team)
- 2017/07/30 02:59:07 : Patch confirmed (status updated by the HITCON ZeroDay service team)
- 2017/07/30 03:00:04 : Published (updated automatically by the HITCON ZeroDay platform)
- 2017/07/30 09:40:26 : Published (status updated by the HITCON ZeroDay service team)
- 2017/07/30 09:45:31 : Published (status updated by the HITCON ZeroDay service team)
- 2017/07/30 09:46:17 : Published (status updated by the HITCON ZeroDay service team)
- 2017/08/03 12:06:27 : Under re-review (status updated by the HITCON ZeroDay service team)
- 2017/11/04 02:09:32 : Published (status updated by the HITCON ZeroDay service team)
- Reporter: n3kt0n (n3kt0n)
- Type: Other
Inaudible Subversion – Audio chipmaker driver packages distributed from 2013-present install self-signed certificate into Windows Trusted Root Certificate Authorities store
FirstWatch has an ongoing hunt for stealthy threat activity using artifacts gleaned from previous kill chain analysis. Sometimes these artifact bread crumbs lead us to unrelated areas of interest that are still worthy of investigation. In April 2017, we discovered a threat that affects digital audiophiles and PC gamers since at least 2013, with significant security implications.
All known Windows driver packages distributed to multiple vendors by the Taiwanese digital audio chip maker Savitech include a Windows PE file that silently installs a self-signed certificate into the Trusted Root Certification Authorities store of the user’s computer (Figure 1), prior to the driver installation.
Figure 1 Asus ROG motherboard audio chip driver package silently installs trusted root certificate
Compounding this significant security issue is the fact that the certificate is marked “<All>” for intended purposes.
A non-exhaustive sample of hardware vendors known to currently distribute Savitech-provided driver packages, which in turn subvert the Windows trusted root certificate store, is given in Table 1.
Table 1 Hardware vendors distributing Savitech root-cert subverting drivers
|Vendors using Savitech Chips and Providing Savitech "Root" Drivers|
|---|
|Asus Republic of Gamers (ROG)|
|Audio-Technica|
An arbitrary certificate added to a Windows trusted root certificate authority store breaks the hierarchical trust model of Windows and gives the owner of the private key corresponding to that certificate the same power as any Certificate Authority (CA) behind the certificates normally found on Windows systems. Normally only a certificate issued by Microsoft would have "All" in the root certificate's Intended Purposes field. Note: many large enterprises, EMC among them, will typically install a root certificate on their Windows PCs to perform SSL decryption at the perimeter for outbound traffic, for network defense purposes.
An attacker who is able to obtain the corresponding private keys used to create the two known Savitech root certificates can generate any number of certificates signed by the otherwise untrusted Savitech private key. Any system that has had the Savitech drivers installed from any one of many vendors will trust any certificate issued by the Savitech CA, for all purposes. An attacker could spoof web sites and other online services and applications, sign software and email, and decrypt network traffic. Common attack scenarios include impersonating a web site, performing a Man in the Middle (MITM) attack to decrypt HTTPS traffic, and installing malicious software.
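The following PowerShell is an added example for auditing an affected machine; it is not part of the original report or of any Savitech or FirstWatch tooling. It lists self-signed certificates in the LocalMachine Trusted Root store that carry no Extended Key Usage extension (the condition under which the Windows certificate snap-in reports "<All>" intended purposes), and previews removal of any whose subject matches the vendor. Matching on the substring "Savi" is an assumption; the report names the certificate only as "Saviaudio".

```powershell
# Added example (not from the original report): audit Cert:\LocalMachine\Root for
# self-signed, all-purpose roots and preview removal of the Savitech/Saviaudio one.
# Requires an elevated prompt for the actual removal.

function Get-SelfSignedAllPurposeRoots {
    Get-ChildItem -Path Cert:\LocalMachine\Root | Where-Object {
        # A root whose subject equals its issuer is self-signed
        $_.Subject -eq $_.Issuer
    } | ForEach-Object {
        # OID 2.5.29.37 is id-ce-extKeyUsage; with no EKU extension the
        # certificate is valid for every purpose ("<All>" in certmgr.msc)
        $eku = $_.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
        [PSCustomObject]@{
            Thumbprint    = $_.Thumbprint
            Subject       = $_.Subject
            NotAfter      = $_.NotAfter
            AllPurposes   = ($null -eq $eku)
            # A private key present in the store would be Superfish-class exposure
            HasPrivateKey = $_.HasPrivateKey
        }
    }
}

$roots = Get-SelfSignedAllPurposeRoots
$roots | Sort-Object Subject | Format-Table -AutoSize

# Legitimate program roots also appear in this list, so narrow to the vendor of
# interest before acting. 'Savi' is an assumed substring of the certificate subject.
$savitech = $roots | Where-Object { $_.Subject -match 'Savi' -and $_.AllPurposes }
foreach ($c in $savitech) {
    # -WhatIf previews the deletion; remove it to actually delete the certificate
    Remove-Item -Path ("Cert:\LocalMachine\Root\" + $c.Thumbprint) -WhatIf
}
```

The same certificate is also placed in Trusted Publishers by the installer; substituting `Cert:\LocalMachine\TrustedPublisher` for the Root path in the function covers that store.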
Is this malicious?
We have no evidence so far to indicate that Savitech developers had malicious intent in mind when they created the root certificate install routine program called “Software Package Co-Installer”, named SwCoInst.exe and included in every MSI driver package file provided to various vendors, in various versions, since at least September of 2013. It is possible that the Savitech developer(s) intended to fix a problem they encountered and just left that poor security practice in their development process to this date. We are not sure why none of the hardware vendors noticed the issue.
Savitech-signed DLL files that are brand-name labeled by Asus, and provided by Asus, have interesting code routines indicating remote control over the network.
Remote control over the network is a feature undocumented in the Asus manuals for the motherboards and perhaps other hardware with the Savitech audio chips. However, a search for Savitech on Google Play and Apple iTunes (Figures 2 and 3) reveals that Savitech has released Android and iPhone iOS applications used specifically to control the Bravo HD audio chips used by these various vendors, indicating a legitimate purpose for the Savitech audio chips to have remote control services listening on the network.
Figure 2 Savitech remote control app, Google Play
Figure 3 Savitech remote control app, iTunes
The PE responsible for the Saviaudio self-signed certificate install is named the same in every package that FirstWatch was able to find (Figure 4).
Figure 4 SwCoInst.exe Executable responsible for root certificate install
SwCoInst.exe bundles inside of it the Microsoft certificate manager application (certmgr.exe), as well as the Saviaudio cert to install. This is not unlike other legitimate third party driver packages released in 2010 for Windows 7, such as the Quanta Computer webcam driver used by many laptop vendors including Dell. Like the Quanta webcam driver install package (Figure 5), the Savitech driver package installs a cert into the Windows Trusted Publishers certificate store.
Figure 5 Dell laptop webcam driver package installs valid certificate, and only into Trusted Publishers Certificates store
Unlike the valid Verisign CA-signed certificate from the Quanta package, the Saviaudio certificate bundled with the Savitech driver package is self-signed. The Savitech installer also installs this self-signed certificate into the Trusted Root Certificates store, which is the crux of the issue in this investigation (Table 2).
Table 2 Savitech driver installer commands used to install self-signed certificate into trusted publisher as well as trusted root certificate stores
CommandLine: "C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\CertMgr.EXE" -add "C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\NewCert.cer" -s -r localmachine trustedpublisher
CommandLine: "C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\CertMgr.EXE" -add "C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\NewCert.cer" -s -r localmachine root
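As an added detection example (not part of the original report), the PowerShell below flags process-creation command lines, such as those recorded by Sysmon Event ID 1 or Security event 4688 with command-line auditing enabled, that write a certificate into the LocalMachine Root store. The sample lines are constructed for this example: the first two mirror the Table 2 command lines, the certutil line is an assumed variant using the built-in tool, and the last is benign noise.

```powershell
# Added example (not from the original report): detect command lines that add a
# certificate to the LocalMachine Root store via certmgr.exe or certutil.exe.

# Constructed sample command lines; the first two reproduce Table 2 above.
$sampleCommandLines = @(
    '"C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\CertMgr.EXE" -add "C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\NewCert.cer" -s -r localmachine trustedpublisher',
    '"C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\CertMgr.EXE" -add "C:\Program Files (x86)\ASUS\SupremeFX_Hi-Fi\NewCert.cer" -s -r localmachine root',
    'certutil.exe -addstore -f Root C:\Temp\newroot.cer',
    '"C:\Windows\System32\notepad.exe" C:\Users\user\notes.txt'
)

function Test-RootStoreWrite {
    param([Parameter(Mandatory)][string]$CommandLine)
    $cl = $CommandLine.ToLowerInvariant()

    # certmgr.exe -add <cer> -s -r localmachine root  (the pattern SwCoInst.exe uses)
    if ($cl -match 'certmgr(\.exe)?"?\s+-add\b' -and $cl -match '-r\s+localmachine\s+root\b') {
        return 'certmgr -add to LocalMachine\Root'
    }
    # certutil -addstore [-f] Root <cer>  (same store written with the built-in tool)
    if ($cl -match 'certutil(\.exe)?"?\s+(-f\s+)?-addstore\b' -and $cl -match '-addstore\s+(-f\s+)?"?root\b') {
        return 'certutil -addstore Root'
    }
    return $null
}

# Expected: two hits (the Table 2 "root" line and the certutil line); the
# trustedpublisher line and notepad are not reported.
$hits = foreach ($line in $sampleCommandLines) {
    $reason = Test-RootStoreWrite -CommandLine $line
    if ($reason) { [PSCustomObject]@{ Reason = $reason; CommandLine = $line } }
}
$hits | Format-List
```

Writes to Trusted Publishers are deliberately left out of the rule because, as Figure 5 shows, legitimate driver packages do that; a hit on the Root store from a non-Microsoft installer is the condition worth an alert.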
At this time, we do not believe that the corresponding Savitech private key was distributed with any of the driver packages that were analyzed. This is in contrast to the applications Superfish and Dell Foundation Services from major PC hardware vendors Lenovo and Dell, respectively, which in 2015 not only installed a root certificate but also included the extractable private key in the application. The Internet SSL certificate repositories Sonar and Shodan showed no use of either of the known Savitech root certificates in certificate chains served from common SSL ports. Nonetheless, the certificate should be removed from the Windows Trusted Root Certificate store because of the security risk to Windows systems, should one of those two known private keys be obtained by an attacker.