This article serves to cover information on the LogoFAIL UEFI vulnerability in regards to NZXT N-Series motherboards.
What is LogoFAIL?
Reported by the security group Binarly REsearch in late 2023, LogoFAIL is a set of security vulnerabilities affecting various image parsing libraries used by the motherboard firmware during the boot process. This issue is not restricted to a single vendor, but rather a universal exploit that affects nearly all UEFI-based motherboards.
- Binarly.io - Finding LogoFAIL: The Dangers of Image Parsing During System Boot
- Binarly.io - The Far Reaching Consequences of LogoFAIL
This exploit allows an attacker to store a malicious payload as part of a logo image on the EFI System Partition (ESP) or inside an unsigned section of a firmware update. When this image is parsed during boot, the vulnerability can be triggered to allow an attacker-controlled payload to be executed and hijack the execution flow to bypass security features such as Secure Boot or hardware-based verified boot mechanisms.
In simpler terms, this allows an attacker to start malicious code on your machine before the operating system (Windows, Linux, etc.) have a chance to start and persists even if the system is wiped and reinstalled. For more information, please see the articles linked above.
What motherboards are affected by LogoFAIL?
As this is an issue with the Universal Extensible Firmware Interface (UEFI) specification as a whole, this issue is functionally universal and can affect all un-patched motherboards. Some hardware vendors have released additional checks or patches to mitigate or prevent this type of attack. For NZXT motherboards, please see the list below:
| Update Available? | Fix Version | |
| N7 B650E | Yes | P2.08 or newer |
| N7 B550 | Yes | P3.40 or newer |
| N7 Z790 | Yes | P9.01 or newer |
| N7 Z690 | Yes | P1401 or newer |
| N5 Z690 | Yes | P16.01 or newer |
This issue does not affect the newer motherboards such as those using the X870E, B850, or Z890 chipsets.
| Is there an update for older motherboards? |
| At this time we are only able to provide updates for the above-listed motherboards. Older models such as the N7 Z590, N7 Z490, N7 Z390, and N7 Z370 do not have a fix version available. |
To update your NZXT motherboard's UEFI/BIOS, please check out our guide linked below:
Updating your NZXT Motherboard BIOS
If you have a non-NZXT motherboard, please refer to the motherboard manufacturer's website.
How do I protect myself against LogoFAIL?
Binarly REsearch identified three primary attack vectors that would allow a malicious actor to load the LogoFAIL exploit to a machine, of which only two can be executed without direct access to the PC hardware:
- Loading an image to the EFI System Partition (ESP) that is loaded by the motherboard during the boot process
- Updating the UEFI BIOS using a malicious image or update program
To protect yourself against this type of attack, please do not use programs designed to replace the boot logo on your PC. Additionally, only update your UEFI using updates provided directly from the manufacturer of your motherboard. All NZXT UEFI updates can be found on the motherboard's official download page.
It is recommended to update your motherboard UEFI immediately once an update is available for your motherboard. A chart of available updates and our update guide can be found in the previous section.
Comments
0 comments
Article is closed for comments.