Saved in:
Bibliographic Details
Main Authors: Jänich, Sebastian, Sievers, Merlin, Kinder, Johannes
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.14384
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918161718181888
author Jänich, Sebastian
Sievers, Merlin
Kinder, Johannes
author_facet Jänich, Sebastian
Sievers, Merlin
Kinder, Johannes
contents Low-cost Internet of Things (IoT) devices are increasingly popular but often insecure due to poor update regimes. As a result, many devices run outdated and known-vulnerable versions of open-source software. We address this problem by proposing to patch IoT firmware at the binary level, without requiring vendor support. In particular, we introduce minimally invasive local reassembly, a new technique for automatically patching known (n-day) vulnerabilities in IoT firmware. Our approach is designed to minimize side effects and reduce the risk of introducing breaking changes. We systematically evaluate our approach both on 108 binaries within the controlled environment of the MAGMA benchmarks, as well as on 30 real-world Linux-based IoT firmware images from the KARONTE dataset. Our prototype successfully patches 83% of targeted vulnerabilities in MAGMA and 96% in the firmware dataset.
format Preprint
id arxiv_https___arxiv_org_abs_2510_14384
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Match & Mend: Minimally Invasive Local Reassembly for Patching N-day Vulnerabilities in ARM Binaries
Jänich, Sebastian
Sievers, Merlin
Kinder, Johannes
Cryptography and Security
Software Engineering
Low-cost Internet of Things (IoT) devices are increasingly popular but often insecure due to poor update regimes. As a result, many devices run outdated and known-vulnerable versions of open-source software. We address this problem by proposing to patch IoT firmware at the binary level, without requiring vendor support. In particular, we introduce minimally invasive local reassembly, a new technique for automatically patching known (n-day) vulnerabilities in IoT firmware. Our approach is designed to minimize side effects and reduce the risk of introducing breaking changes. We systematically evaluate our approach both on 108 binaries within the controlled environment of the MAGMA benchmarks, as well as on 30 real-world Linux-based IoT firmware images from the KARONTE dataset. Our prototype successfully patches 83% of targeted vulnerabilities in MAGMA and 96% in the firmware dataset.
title Match & Mend: Minimally Invasive Local Reassembly for Patching N-day Vulnerabilities in ARM Binaries
topic Cryptography and Security
Software Engineering
url https://arxiv.org/abs/2510.14384