Products
Cellebrite sells various products in the UFED series: * UFED Physical Analyzer * UFED Logical Analyzer * UFED Phone Detective * UFED Cloud AnalyzerFeatures
On the UFED Touch, it is possible to select extraction of data and choose from a wide list of vendors. After the data extraction is done, it is possible to analyze the data in the Physical Analyzer application. The Cellebrite UFED Physical Analyzer supports the following features: * Extract device keys which can be used to decrypt raw disk images, as well as keychain items. * Revealing device passwords, although this is not available for all locked devices * Passcode recovery attacks * Analysis and decoding of application data * Generating reports in various formats such as PDF and HTML * Dump the raw filesystem for analyzing it in other applicationsHistory
In 2019, Cellebrite announced a new version of the UFED, called the UFED Premium. The company claimed that it can unlock iOS devices including those running iOS 12.3 and Android phones such as the Galaxy S9.Resale
Cellebrite does not allow the resale of their products. The original list price of the product is around US$6000, but they have been sold on eBay for around US$100. Some devices that were resold still contained data about criminal investigations.Security
In 2021, Moxie Marlinspike, creator of the encrypted messaging app Signal, released a blog post on the app's website detailing a number of vulnerabilities in Cellebrite's UFED and Physical Analyzer software that allowed for arbitrary code execution on Windows computers running the software. One exploit he detailed involved the UFED scanning a specially formatted file which could then be used to execute arbitrary code on the computer running the UFED. Marlinspike wrote that the code could then " odifynot just the Cellebrite report being created in that scan, but also ''all previous and future generated Cellebrite reports'' from all previously scanned devices and all future scanned devices in any arbitrary way". Marlinspike also found that Cellebrite software was bundled with out-of-date FFmpeg DLL files from 2012, which lacked over 100 subsequent security updates. Windows Installer packages, extracted from the Windows installer forSee also
* Bootloader unlockingReferences
External links
* {{Official site, https://www.cellebrite.com/en/ufed/ Digital forensics software