EMBA is a platform for optimizing our research and testing tasks in the field of IoT, OT, ICS and general embedded analysis. Because of this, we include code quite early and sometimes in a very raw state. We do not recommend setting up EMBA as a productive environment or in an unprotected environment! If you are using EMBA you should know what you are doing.
EMBA is using multiple protections layers like chroot, docker, read-only filesystem, non executable mounts and disabled networking functionality. Nevertheless, EMBA should only be used on test systems! It should not be installed/deployed on production systems.
There are multiple reasons for that:
- The EMBA docker container is running in privileged mode which will result in full system compromise if you are testing malicious firmware.
- EMBA automatically executes untrusted code from the firmware which could lead to breakouts that are able to compromise the host system.
- EMBA automatically builds and boots a firmware image based on the untrusted firmware under test.
If there is a security problem within EMBA please open an issue or contact us via one of the following ways: