News: Aarno Labs Awarded DARPA Grant to Develop Tools for Translating C to Safe Rust
Aarno Labs has been awarded a DARPA contract under the TRACTOR program to develop Tenjin, an advanced toolchain for translating legacy C code into safe, idiomatic Rust. The project will build a modular framework that combines source-level refactoring with multi-stage translation driven by comprehensive program understanding, with the goal of modernizing critical software systems and eliminating memory-safety vulnerabilities.
High-Assurance Remediation of CVE-2024-12248
This post demonstrates how CodeHawk enables high-assurance patching of vulnerabilities in stripped binaries without manual binary editing. We detail the remediation of CVE-2024-12248 in the Contec CMS 8000 Patient Monitor by lifting the firmware to semantically validated C code, applying idiomatic fixes directly to that C code, and automatically synthesizing precise binary-level patches. We evaluate two patch strategies, highlighting the trade-off between broader input filtering and minimal behavioral change, and CodeHawk proves that both eliminate the buffer-overflow vulnerability.
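The two patch strategies named above can be illustrated on a constructed length-unchecked copy. The following C is an added example written for this page; it is not the Contec CMS 8000 firmware, not CodeHawk output, and every name, buffer size and message shape in it (`RECORD_MAX`, `fill_record_*`, the 0x41-filled payload) is invented for illustration. Strategy A rejects any oversized message at the protocol boundary, which protects every downstream consumer but drops messages that would previously have been (unsafely) processed; strategy B clamps the copy inside the affected function, so the message is still handled and only the bytes that would have overflowed are affected. A canary placed after the record shows that neither patch writes past the buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration only: not the Contec firmware. Names, sizes and
 * the message format are invented for this example. */
#define RECORD_MAX 64u
#define CANARY     0xA5C3E1F7u

struct record {
    uint8_t data[RECORD_MAX];
    size_t  len;
};

/* Pre-patch shape: the length taken from the message is trusted and drives
 * the copy, so msg_len > RECORD_MAX writes past data[]. Kept only as the
 * reference for what both patches below replace; never called on oversized
 * input here. */
void fill_record_unsafe(struct record *r, const uint8_t *msg, size_t msg_len)
{
    memcpy(r->data, msg, msg_len);
    r->len = msg_len;
}

/* Strategy A, broader input filtering: reject the whole message when its
 * length exceeds the record, copying nothing. Returns 0 on success, -1 when
 * the message is rejected. */
int fill_record_filter(struct record *r, const uint8_t *msg, size_t msg_len)
{
    if (msg == NULL || msg_len > RECORD_MAX)
        return -1;
    memcpy(r->data, msg, msg_len);
    r->len = msg_len;
    return 0;
}

/* Strategy B, minimal behavioral change: clamp the copy to the destination
 * size so the message is still processed, truncated. Returns bytes copied. */
size_t fill_record_clamp(struct record *r, const uint8_t *msg, size_t msg_len)
{
    size_t n = msg_len > RECORD_MAX ? RECORD_MAX : msg_len;
    if (msg == NULL)
        return 0;
    memcpy(r->data, msg, n);
    r->len = n;
    return n;
}

/* Canary directly after the record: a write past data[] and len would be
 * visible as a changed canary. */
struct guarded {
    struct record r;
    uint32_t      canary;
};

struct outcome {
    int    canary_ok;   /* 1 if the canary survived */
    int    rc;          /* A: 0 accepted / -1 rejected; B: bytes copied */
    size_t len;         /* r.len after the call */
};

/* Run one strategy ('A' filter, 'B' clamp) against a constructed payload of
 * attacker-chosen length msg_len (up to 512 bytes of 0x41). */
struct outcome run_patch(char which, size_t msg_len)
{
    uint8_t msg[512];
    struct guarded g;
    struct outcome o = {0, 0, 0};

    memset(msg, 0x41, sizeof msg);          /* constructed attacker payload */
    if (msg_len > sizeof msg)
        msg_len = sizeof msg;
    memset(&g, 0, sizeof g);
    g.canary = CANARY;

    if (which == 'A')
        o.rc = fill_record_filter(&g.r, msg, msg_len);
    else
        o.rc = (int)fill_record_clamp(&g.r, msg, msg_len);

    o.len       = g.r.len;
    o.canary_ok = (g.canary == CANARY);
    return o;
}

int main(void)
{
    struct outcome a = run_patch('A', 200);
    struct outcome b = run_patch('B', 200);
    printf("filter: canary %s, rc=%d, len=%zu\n",
           a.canary_ok ? "intact" : "CLOBBERED", a.rc, a.len);
    printf("clamp:  canary %s, copied=%d, len=%zu\n",
           b.canary_ok ? "intact" : "CLOBBERED", b.rc, b.len);
    return 0;
}
```

With a 200-byte payload, strategy A leaves the record empty and reports rejection, while strategy B leaves a 64-byte truncated record; in both cases the canary is intact. Which to deploy depends on whether dropping over-long messages is acceptable for the device's protocol, which is exactly the trade-off the post weighs.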
Discovery and Analysis of CVE-2024-12248
This post demonstrates how CodeHawk can be employed to discover and understand vulnerabilities in stripped binaries with high-assurance automation. We focus on our discovery, analysis, and disclosure of CVE-2024-12248, a high-severity vulnerability in the Contec CMS 8000 Patient Monitor. CodeHawk's automated memory-safety analysis is applied to the lifting of a stripped firmware binary from the device. The analysis output flags the buffer-overflow vulnerability as an attacker-controlled violation. CodeHawk also shows that the overflow is completely unbounded, enabling remote code execution on the device.
CodeHawk Demo at DARPA's Resilient Software Systems Demo Day
At DARPA’s Resilient Software Systems Demo Day, Aarno Labs showcased the CodeHawk Binary Patcher fixing CVE-2024-12248, a buffer overflow in the Contec CMS 8000 Patient Monitor. Using our Binary Ninja plugin, we lifted the binary to editable C, applied a high-assurance fix, and validated the patched binary, all without reverse-engineering expertise. Enjoy the video!
Mitigating Supply Chain Attacks Through Fine-Grained Privilege Enforcement
This post introduces Lucien, a framework for fine-grained library-level privilege control in NodeJS applications. Lucien enables developers to restrict privileges on a per-library basis, reducing the impact of compromised libraries. We explain its unique features, including dynamic privilege tracking and enforcement, and how it can improve application security.
Aarno Labs at Black Hat 2024 – Showcasing the CodeHawk Binary Patcher
This August, Aarno Labs was privileged to present at Black Hat USA 2024 in Las Vegas. During the Arsenal session, our team showcased the CodeHawk Binary Patcher (CBP), an innovative platform designed to drastically reduce the cost and complexity of patching stripped binaries, while delivering unmatched assurance in the security and correctness of the patches. This post summarizes and provides a video of the presentation.