We are glad to announce that our automated firmware analysis platform now finds unknown zero-day vulnerabilities (0-Day) to prevent zero-day attacks in cybersecurity. These new detection capabilities are a big leap towards automated security for connected devices and Industrial Control Systems.
Any zero-day exploit is an immense danger for operators and producers of connected devices. If found and hacked, a zero-day exploit can put a whole company’s fortune at risk. Our development team has finally managed to create the future of automated detection to uncover such unknown zero-day vulnerabilities in connected devices, smart products and infrastructures, making a huge step forward in product cybersecurity and future software cybersecurity possible.
Finding unknown software vulnerabilities is mostly a manual, time- and resource-consuming task. Today’s automated vulnerability detection solutions typically search for files and patterns with known vulnerabilities. There are large, publicly available databases of software vulnerabilities to simplify software development, testing and related security.
The “holy grail” of product cybersecurity is to find unknown zero-day vulnerabilities in a fully automated way. This would lead to significantly more secure software and a significantly lower probability of misuse or being hacked, while reducing development time and resources.
ONEKEY’s new automated detection capabilities have already uncovered multiple critical zero-day vulnerabilities that lead to remote code execution in IoT and OT devices, only by feeding the binary firmware image into the ONEKEY firmware analysis platform. Based on the binary analysis, the software gives clear results about critical security issues and hints on how to eliminate them. It also automatically generates an SBOM (Software Bill of Materials), as will soon be required by the EU authorities. Find out more about secure supply chains in our latest Whitepaper “Tackling software supply chain with IEC62443 and SBOM”.
The ONEKEY platform automatically extracts the firmware, maps the attack surface and identifies entry points for attackers. Dangerous functions that can be exploited by attackers are evaluated and verified so that only the relevant ones are highlighted. Everything is provided with actionable advice that pinpoints the affected areas in the firmware application.
The new detection capabilities have already uncovered multiple unknown zero-day vulnerabilities. Based on ONEKEY’s responsible disclosure policy, device producers not yet working with ONEKEY will be informed confidentially. After the industry-standard 90-day grace period, vulnerability results will be published in detailed cybersecurity advisories.
The new automated zero-day detection capabilities mark only the beginning of a new era. To support an increased discovery rate of critical zero-day vulnerabilities in IoT and OT devices, ONEKEY registered as a CNA (CVE Numbering Authority) to better support responsible disclosure processes with producers and contribute to securing the Internet of Things.
Read the press release “ONEKEY announces automated detection of zero-day vulnerabilities”