Overview
Explore the intricacies of identifying multi-binary vulnerabilities in embedded firmware at scale in this 37-minute conference talk from the 36th Chaos Communication Congress. Delve into the challenges of analyzing hardware-dependent software on low-power, single-purpose embedded devices like routers and IoT systems. Learn about Karonte, a novel static analysis tool that models and tracks multi-binary interactions to detect insecure, attacker-controlled vulnerabilities. Discover the results of experiments on 53 firmware samples from various vendors, leading to the discovery of 46 zero-day bugs. Gain insights from a large-scale experiment on 899 different samples, demonstrating Karonte's scalability and effectiveness in analyzing real-world firmware. Watch a demonstration of the tool in action, showcasing its ability to detect previously unknown vulnerabilities.
Syllabus
Introduction
Overview of IoT
Why is it hard to secure IoT
Firmware design
Interprocess communication
Environment variable
Unpacking
CPS
BDG
Static Link
Results
Running current
Summary
Taught by
media.ccc.de