CVE-2021-44149
📋 TL;DR
This vulnerability allows attackers in the NonSecure World to bypass TrustZone security and perform arbitrary read/write operations on Secure World memory in NXP i.MX6UL SoC devices running OP-TEE Trusted OS. It affects systems using these specific hardware chips with OP-TEE Trusted OS versions through 3.15.0. The bypass occurs due to missing security access configuration for wakeup-related registers in the CSU driver.
💻 Affected Systems
- OP-TEE Trusted OS
- NXP i.MX6UL SoC devices
📦 What is this software?
OP-TEE by Linaro
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of TrustZone security allowing extraction of cryptographic keys, secure boot secrets, and other protected assets from the Secure World, potentially leading to permanent device compromise.
Likely Case
Extraction of sensitive data from the Secure World including encryption keys, authentication credentials, and protected application data.
If Mitigated
Limited impact if proper network segmentation and access controls prevent attackers from reaching vulnerable devices.
🎯 Exploit Status
Exploitation requires local access to the NonSecure World and knowledge of the specific hardware platform. The advisory includes technical details that could facilitate exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: OP-TEE Trusted OS 3.16.0 and later
Vendor Advisory: https://github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0002-OP-TEE_TrustZone_bypass_at_wakeup.txt
Restart Required: Yes
Instructions:
1. Update OP-TEE Trusted OS to version 3.16.0 or later.
2. Rebuild and redeploy the trusted firmware.
3. Reboot the affected devices to apply the updated firmware.
🔧 Temporary Workarounds
Disable vulnerable wakeup functionality
Disable or restrict access to the CSU driver wakeup-related registers if not required for system operation.
# Requires hardware-specific configuration modifications
# Consult NXP i.MX6UL reference manual for register access controls
🧯 If You Can't Patch
- Implement strict access controls to prevent unauthorized users from accessing the NonSecure World on affected devices.
- Isolate affected devices in segmented network zones with limited connectivity to reduce attack surface.
🔍 How to Verify
Check if Vulnerable:
Check OP-TEE version and hardware platform:
1. Check OP-TEE version with 'optee-client --version' or examine firmware.
2. Verify hardware is NXP i.MX6UL SoC via 'cat /proc/cpuinfo' or hardware documentation.
Check Version:
optee-client --version 2>/dev/null || grep -i 'optee' /proc/device-tree/firmware/optee/version 2>/dev/null || echo 'Check firmware documentation'
Verify Fix Applied:
Verify OP-TEE version is 3.16.0 or later and confirm the CSU driver security configuration has been updated in the firmware.
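The version-plus-platform check described above, written as an added example (not taken from the advisory or from OP-TEE). It assumes the Linux optee driver logs a line of the form "optee: revision <major>.<minor>" and that i.MX6UL boards list "fsl,imx6ul" in their device-tree compatible strings; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a device against CVE-2021-44149 from two facts.
# Assumptions: the Linux optee driver logs "optee: revision <major>.<minor>"
# and i.MX6UL boards carry "fsl,imx6ul" in their device-tree compatible list.

# Print "<major> <minor>" from the last optee revision line on stdin.
optee_revision() {
    sed -n 's/.*optee: revision \([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p' | tail -n 1
}

# Succeed when the compatible list names exactly the i.MX6UL SoC
# (an exact match keeps other parts such as fsl,imx6ull out).
is_imx6ul() {
    for c in $1; do
        [ "$c" = "fsl,imx6ul" ] && return 0
    done
    return 1
}

# Print AFFECTED, PATCHED, NOT_APPLICABLE or UNKNOWN.
# $1 = compatible strings (whitespace separated), $2 = kernel log text.
classify() {
    is_imx6ul "$1" || { echo NOT_APPLICABLE; return; }
    rev=$(printf '%s\n' "$2" | optee_revision)
    [ -n "$rev" ] || { echo UNKNOWN; return; }
    major=${rev% *}; minor=${rev#* }
    if [ "$major" -lt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -lt 16 ]; }; then
        echo AFFECTED      # through 3.15.0
    else
        echo PATCHED       # 3.16.0 and later
    fi
}

# Constructed sample inputs (not captured from a real device).
SAMPLE_COMPAT="fsl,imx6ul-14x14-evk fsl,imx6ul"
SAMPLE_OLD="[    1.052113] optee: revision 3.15 (0f1a2b3c)"
SAMPLE_NEW="[    1.049871] optee: revision 3.16 (4d5e6f70)"

classify "$SAMPLE_COMPAT" "$SAMPLE_OLD"
classify "$SAMPLE_COMPAT" "$SAMPLE_NEW"
```

On a device, the inputs would come from `tr '\0' ' ' < /proc/device-tree/compatible` and `dmesg`. A PATCHED result reflects the reported revision only; confirming the CSU configuration in the firmware build is still a separate step.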
📡 Detection & Monitoring
Log Indicators:
- Unexpected memory access patterns in Secure World logs
- Anomalous register access attempts in CSU driver logs
- Unauthorized access attempts to secure memory regions
Network Indicators:
- Unusual outbound connections from embedded devices containing sensitive data
- Anomalous traffic patterns from IoT/embedded systems
SIEM Query:
(source="*optee*" OR source="*trustzone*") AND (event="memory_access_violation" OR event="register_access_denied")
🔗 References
- https://github.com/OP-TEE/optee_os/tags
- https://github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0002-OP-TEE_TrustZone_bypass_at_wakeup.txt