{"uuid": "45ed6e9b-e8ed-477b-ba98-708d8d578ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30552", "type": "published-proof-of-concept", "source": "https://t.me/freeosint/1172", "content": "\ud83d\udce1U-boot \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 Starlink \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0433\u043b\u0430\u0432\u043d\u043e\u0433\u043e \u0431\u0443\u0442\u043b\u043e\u0430\u0434\u0435\u0440\u0430 \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u0430 (\u043f\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043f\u043e\u0441\u0442\u0430\u043c \u0432 \u043a\u0430\u043d\u0430\u043b\u0435 \u0443\u0436\u0435 \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u0437\u043d\u0430\u0435\u0442\u0435, \u0438\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u0437\u043d\u0430\u043b\u0438), \u0435\u0441\u043b\u0438 \u043a\u0442\u043e \u0432\u0434\u0440\u0443\u0433 \u0437\u0430\u0445\u043e\u0447\u0435\u0442 \u0437\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0435\u0433\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435\u043c,  \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u043d\u0438\u0436\u0435 \u0441\u0441\u044b\u043b\u043a\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u043e\u0449\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\n\n\ud83d\udce1U-boot is used in Starlink as the main bootloader in terminal (according to some posts in the channel, you probably already know, or previously knew), if someone suddenly wants to do his research, I attach the links below to simplify the process.\n\n\ud83d\udcbeU-Boot Source Tree\n\ud83d\udcbeu-boot from starlink wi-fi gen2 \n\ud83d\udcbeU-Boot in OpenWrt\n\ud83d\udcbeu-boot docs \n\ud83d\udcbeThe u-booting securely\n\ud83d\udcbeU-Boot Secure Boot\n\ud83d\udcbeU-Boot Verified Boot vulnerability: CVE-2020-10648\n\ud83d\udcbeAnalysis and reverse-engineering of the original Starlink router(helpful information about u-boot in Starlink)\n\ud83d\udcbeReversing embedded device bootloader (U-Boot) - p.1\n\ud83d\udcbeReversing embedded device bootloader (U-Boot) - p.2\n\ud83d\udcbeDas U-Boot Verified Boot Bypass\n\ud83d\udcbeRecovering Firmware Through U-boot\n\ud83d\udcbeBushwhacking your way around a bootloader\n\ud83d\udcbeMultiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552)\n\ud83d\udcbeCVE-2022-2347\n\ud83d\udcbedepthcharge is an U-Boot hacking toolkit for security researchers and tinkerers", "creation_timestamp": "2022-11-05T09:45:10.000000Z"}