DARPA Resilient Software Systems Demo Day

On February 10, 2025, Aarno Labs was invited to demo our CodeHawk Binary Patcher at DARPA's Resilient Software Systems Demo Day.   We did a live demo of CodeHawk fixing a real-world vulnerability in a popular medical device: CVE 2024-12248, a buffer overflow vulnerability in the Contec CMS 8000 Patient Monitor.  Our DIGIHEALS team, which includes STR, discovered and disclosed this vulnerability.

Below is a recording of the demo, which employs CodeHawk's Binary Ninja plugin.  The plugin enables rapid and high-assurance binary patching without reverse engineering experience.  In the demo, we show how one can use our plugin to:

• Lift the binary to high-level, editable C code  
• Understand the cause of an underlying vulnerability, employing our C analyzer output
• Express the patch as modifications to the C code lifting
• Prove the modifications close the vulnerability
• Automatically apply the modifications (represented by the C code) to the binary
• Validate that CodeHawk correctly applied the changes to the binary

All this without reasoning about the underlying binary!  Please reach out if you want to learn more.  Enjoy!

Video

CodeHawk Binary Patcher

Aarno Labs' CodeHawk is a platform that enables organizations to fix bugs and vulnerabilities in legacy software without needing source code or the original developer. The platform reduces costs and increases assurance by allowing developers to modify binaries using familiar workflows, with formal methods ensuring correctness and security. The demo showcases a real-world application: rapidly patching and verifying a fix for a vulnerability in a commercial medical device firmware.