Huawei+xloader 〈TRUSTED ✪〉

Security researchers (notably from Taszk Security Labs) have identified significant flaws in the xloader and BootROM of various Kirin chipsets (Kirin 980, 990, etc.). CVE-2021-22434

Detection is notoriously difficult because Xloader uses and code injection to hide within legitimate Windows processes like svchost.exe or explorer.exe . However, for IT administrators managing Huawei servers or workstations, certain indicators of compromise (IoCs) are known: huawei+xloader

: Huawei mitigated these issues via OTA updates and, in some cases, by "burning a fuse" to permanently disable the USB recovery mode that allowed these exploits. Utility in Modding and Repair Security researchers (notably from Taszk Security Labs) have