id,summary,reporter,owner,description,type,status,component,version,resolution,keywords,cc,guest,host
19263,Possibility to infect VMs' BIOS,Benus,,"This issue was initially reported to the security team, but after some discussion it was mentioned that I should open this in the public bug tracking system (seems strange to me, but...). Just for reference, follow the final conclusion from the security team: ""Admin rights give a user the power to do anything on the system. An ""evil admin"" is more a social component of this bug than a product's security abilities (or its lack thereof). However, we get your point and think that the ""validation/check"" proposed by you may be an enhancement feature in the product. Since our team (SecAlert) only deals with security vulnerabilities in the product, we will not be able to help you on this further. You could log an enhancement request on VirtualBox's public bug tracker: https://www.virtualbox.org/wiki/Bugtracker "" So the bad use of this knowledge is not my fault. The case is that it is possible to replace the BIOS that is going to be used by all VMs, and with this all of them would be infected, in a way that the host system and the guest would not detect. It is possible to add a service to run in parallel with the OS, like a RuntimeService or an SMM interrupt. This affects all versions 6.0.x and 5.x. The attached file has the details about how to do it.",enhancement,closed,EFI,VirtualBox 6.0.16,fixed,,,all,all
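The "validation/check" the reporter proposes is, in its simplest form, a pinned-hash integrity check over the firmware images the hypervisor loads into every VM. The following is an added example written for this page, not VirtualBox's own code or anything from the attached file. It assumes the firmware images are plain files in one directory and that a known-good manifest (file name to SHA-256) was recorded from a trusted install; the file names VBoxEFI32.fd and VBoxEFI64.fd and the appended "payload" are illustrative assumptions, and the images the demo writes are constructed stand-ins, not real EFI firmware volumes.

```python
"""Pinned-hash integrity check for hypervisor firmware images.

Added example (not VirtualBox code). Assumptions, labelled here and below:
  - firmware images sit as regular files in one directory;
  - a manifest {name: sha256_hex} was recorded from a trusted install;
  - the names VBoxEFI32.fd / VBoxEFI64.fd are illustrative.
"""
import hashlib
import hmac
import tempfile
from pathlib import Path

CHUNK = 1 << 20  # read firmware images in 1 MiB pieces


def sha256_file(path: Path) -> str:
    """SHA-256 of a file, streamed so large images do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(fw_dir: Path, names) -> dict:
    """Record the known-good digests. Run this once from a trusted install and
    store the result somewhere the host administrator cannot silently edit."""
    return {n: sha256_file(fw_dir / n) for n in names}


def verify_firmware(fw_dir: Path, manifest: dict) -> dict:
    """Return {name: status}; status is 'ok', 'modified', 'missing' or 'unexpected'.

    'unexpected' flags a *.fd file present on disk but absent from the manifest,
    i.e. a dropped-in image that a VM could be pointed at.
    """
    results = {}
    for name, expected in manifest.items():
        p = fw_dir / name
        if not p.is_file():
            results[name] = "missing"
            continue
        actual = sha256_file(p)
        # compare_digest is habit here; the digests are not secret, but it keeps
        # the comparison constant-time if this code is ever reused for MACs.
        results[name] = "ok" if hmac.compare_digest(actual, expected) else "modified"
    for p in sorted(fw_dir.glob("*.fd")):
        if p.name not in manifest:
            results[p.name] = "unexpected"
    return results


def demo() -> dict:
    """Constructed scenario: record a manifest, tamper with one image the way an
    admin-level attacker could (append a blob), drop in an extra image, re-verify."""
    with tempfile.TemporaryDirectory() as d:
        fw = Path(d)
        # Constructed stand-ins for firmware images (not real EFI volumes).
        (fw / "VBoxEFI32.fd").write_bytes(b"_FVH" + bytes(64))
        (fw / "VBoxEFI64.fd").write_bytes(b"_FVH" + bytes(128))
        manifest = build_manifest(fw, ["VBoxEFI32.fd", "VBoxEFI64.fd"])
        before = verify_firmware(fw, manifest)

        # Tamper: append a fake "runtime service" blob to the 64-bit image.
        with (fw / "VBoxEFI64.fd").open("ab") as f:
            f.write(b"\x90" * 16)
        # Drop in an image that was never part of the trusted install.
        (fw / "VBoxEFI64-custom.fd").write_bytes(b"_FVH" + bytes(32))
        after = verify_firmware(fw, manifest)
        return {"before": before, "after": after}


if __name__ == "__main__":
    for phase, status in demo().items():
        print(phase, status)
```

Two caveats a practitioner would want. First, the check runs on the same host the "evil admin" controls, so an attacker who can swap the firmware image can also edit the manifest or the checker; the manifest (or a signature over it) must live somewhere the host cannot rewrite, for example a read-only medium or a remote attestation server that receives the digests. Second, the digests must be recomputed for every legitimate product update, otherwise the check becomes noise and gets disabled, which is exactly the outcome an attacker wants.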