board/README.md at hdmi_firewall - board - CuVoodoo git
HDMI is mainly used to transfer audio and video, but also offers a number of additional features (e.g. HPD, CEC, HEAC, MHL). This increases the attack surface, and since the security of their implement in embedded devices is far from ideal, an attacker could exploit them and inject malicious code. Now your unsuspicious video equipment is compromised and threatens your IT/network security. And your monitor could then in turn hack back any other device connected to it.
For example, let's imagine you invite an external guest for a presentation inside your company. You offer to connect to a video-projector so he can show his slides. This is the perfect opportunity for the guest to hack the video-projector. Next time an employee connects to this projector, his laptop is hacked back. And voila, the innocent guest managed to infiltrate your company network, and can exfiltrate confidential information.
The HDMI firewall blocks all additional interfaces, and only allows audio and video data transfer. It is based on the research of Pierre-Michel Ricordel and José Lopes Esteves from ANSSI/SDE/ST/LSF presented at the IT security conference SSTIC 2021.
