
The idea behind Bynario

Alfredo Pesoli
The year of Autonomous Security
What an incredible year 2025 has been for security. We are seeing real, tangible progress across many aspects of autonomous security, something we deeply believe in.
I have spent much of my life exploring and interacting with weird machines, fascinated by the complexity of scaling offensive security. I have always leaned toward the "lazy" side of vulnerability research, more fascinated by how bugs evolve into exploitability than by their initial discovery.
As I introduce BynarIO, our solution to software understanding for autonomous security, the irony is not lost on me.
Autonomous Security through Software Understanding
BynarIO can identify vulnerabilities in any software, including compiled binaries for which no source code is available. It is designed to restore trust and control over the software we depend on at scale.
Open source is the backbone of modern innovation, yet its security has long depended on goodwill and chance. The world runs on shared code, and the ecosystem deserves protection that is as intelligent and sustainable as the software it powers. We believe in a future where security becomes an inherent part of how organizations consume and trust software: transparent, continuous, and mutually beneficial to the entire ecosystem. On the other hand, closed-source software by its very nature makes independent third-party analysis difficult, time-consuming, and hard to scale.
For organizations, true security means independence. No waiting for external reports or third-party disclosures. No blind spots between releases. Real protection begins with understanding: the ability to anticipate and act on risk before it becomes a problem. Even the earliest signal can redefine resilience.
Today, production environments still rely on detection tools designed to react once malicious activity is already in motion. But the future belongs to prevention, not reaction.
Every year we have dedicated to the understanding of vulnerabilities has led to this moment. BynarIO is built with care and conviction to bring autonomy and understanding to how we secure the software that powers our world.
To demonstrate what this means in practice, we are sharing one of our earliest validations: real-world vulnerabilities discovered through autonomous binary analysis of production code.
CVE-2025-43377 - Apple macOS OOB Read (Model I/O)
Let's get to what matters: CVE-2025-43377, an out-of-bounds read vulnerability in Apple macOS discovered by our AI.
Here is where the story begins, with the redacted trace from our pipeline (summarized below):
While analyzing specific components of the Model I/O logic, our system identified multiple vulnerabilities within Apple's USD library. Among these, the first and most notable is an Out-of-Bounds Read, followed by two Null Dereferences and four additional variants stemming from the same root cause, each reachable through distinct code paths.
Root Cause
A missing bounds check. The code implicitly trusts that an index read from a glTF file is valid and falls within the referenced array. When that assumption fails, the lookup reads past the end of the array, an out-of-bounds read.
Our system automatically flagged this condition and verified it by generating a trigger.gltf. During validation, it also determined that usdcat was a primary entry point, as it loads and interacts with the affected library, libusd_ms.dylib.
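To make the root cause concrete, here is an added example in C++. It is not Apple's, Pixar's or Bynario's code and not the affected code path: it is a minimal model of a glTF importer resolving an index read from the file, with the unchecked lookup the root cause describes beside a checked one. It goes a step beyond the single missing check above by validating the whole accessor -> bufferView -> buffer chain, including the byte ranges, which is what a hardened importer needs. glTF accessors, bufferViews and buffers are real glTF concepts; the struct layouts, function names and the constructed sample documents are assumptions.

```cpp
// Added example (not Apple's, Pixar's or Bynario's code): a minimal model of
// how a glTF importer resolves an index read from the file. glTF accessors,
// bufferViews and buffers are real glTF concepts; the struct layouts and
// function names here are hypothetical.
#include <cstddef>
#include <cstdint>
#include <optional>
#include <vector>

struct Buffer     { std::vector<uint8_t> bytes; };
struct BufferView { int buffer; size_t byteOffset; size_t byteLength; };
struct Accessor   { int bufferView; size_t byteOffset; size_t count; size_t elementSize; };

struct GltfDoc {
    std::vector<Buffer>     buffers;
    std::vector<BufferView> bufferViews;
    std::vector<Accessor>   accessors;
};

// A resolved accessor: pointer into the buffer plus the number of bytes it covers.
struct Span { const uint8_t* data; size_t size; };

// The pattern behind the OOB read: an index taken from the file is used as-is.
// Any idx < 0 or idx >= accessors.size() reads past the vector (undefined behaviour).
const Accessor& accessorUnchecked(const GltfDoc& doc, int idx) {
    return doc.accessors[idx];
}

// Checked lookup: returns nullptr instead of trusting the file.
template <class T>
const T* checkedAt(const std::vector<T>& v, int idx) {
    if (idx < 0 || static_cast<size_t>(idx) >= v.size()) return nullptr;
    return &v[static_cast<size_t>(idx)];
}

// Resolve accessor -> bufferView -> buffer, validating every index and every
// byte range along the chain so the returned Span is guaranteed in-bounds.
std::optional<Span> resolveAccessor(const GltfDoc& doc, int accessorIdx) {
    const Accessor* acc = checkedAt(doc.accessors, accessorIdx);
    if (!acc) return std::nullopt;
    const BufferView* bv = checkedAt(doc.bufferViews, acc->bufferView);
    if (!bv) return std::nullopt;
    const Buffer* buf = checkedAt(doc.buffers, bv->buffer);
    if (!buf) return std::nullopt;

    // The bufferView must lie inside the buffer (written to avoid size_t overflow).
    if (bv->byteOffset > buf->bytes.size() ||
        bv->byteLength > buf->bytes.size() - bv->byteOffset) return std::nullopt;

    // count * elementSize must not overflow and must fit inside the bufferView.
    if (acc->elementSize == 0 || acc->count > SIZE_MAX / acc->elementSize) return std::nullopt;
    size_t needed = acc->count * acc->elementSize;
    if (acc->byteOffset > bv->byteLength ||
        needed > bv->byteLength - acc->byteOffset) return std::nullopt;

    return Span{ buf->bytes.data() + bv->byteOffset + acc->byteOffset, needed };
}

// Constructed sample document: one 32-byte buffer, one bufferView over bytes
// [8, 32), and one accessor of three 4-byte elements starting 4 bytes into the view.
GltfDoc makeSampleDoc() {
    GltfDoc doc;
    doc.buffers.push_back(Buffer{ std::vector<uint8_t>(32, 0xAB) });
    doc.bufferViews.push_back(BufferView{ 0, 8, 24 });
    doc.accessors.push_back(Accessor{ 0, 4, 3, 4 });
    return doc;
}

// Constructed "trigger" documents mirroring what a malformed file can carry.
GltfDoc makeBadIndexDoc() {          // accessor refers to a bufferView that does not exist
    GltfDoc doc = makeSampleDoc();
    doc.accessors[0].bufferView = 7;
    return doc;
}
GltfDoc makeOversizedCountDoc() {    // accessor claims more elements than the view holds
    GltfDoc doc = makeSampleDoc();
    doc.accessors[0].count = 100;
    return doc;
}
```

Calling resolveAccessor with an index outside the accessors array, a negative index, a dangling bufferView reference, or a count that overruns the view all return std::nullopt, whereas accessorUnchecked would index past the vector for the first two cases. Checking the byte ranges as well as the indices matters because a valid index can still point at a view whose declared length exceeds the backing buffer.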
Apple macOS Null Dereferences (Model I/O)
Further along the same analysis, our pipeline uncovered two distinct Null Pointer Dereference vulnerabilities in Apple's USD library, both related to how glTF animation data is processed.
The first occurs during the import of glTF animation keyframe data. It is triggered when an animation sampler references an accessor index that is out of bounds within the model's accessors array. Although the invalid index is correctly identified, the function responsible for fetching the keyframe count (getAccessorElementCount) silently returns 0 instead of propagating an error. The calling function fails to interpret 0 as an error condition, leading to a read from an uninitialized destination buffer and resulting in a null-pointer dereference.
The second vulnerability appears during the serialization of rotation animation data. In this case, an attacker can craft a glTF file where the animation sampler includes a valid input accessor index but an invalid, out-of-bounds output accessor index. This discrepancy causes the serialization logic to reference an invalid memory location, leading to another null-pointer dereference.
Both issues stem from the same underlying flaw: incomplete error handling around accessor index validation, allowing invalid states to propagate through the animation pipeline.
Root Cause
A logic flaw in error handling. The defensive check exists, but its failure path returns 0, a value that looks like a legitimate count, instead of an error, so the invalid state propagates silently through the animation pipeline.
Our system automatically flagged all of those conditions and verified them by generating multiple trigger.gltf files.
Systemic Vulnerability Class
Our story does not end there. As the model continued analyzing code paths around the identified OOB Read and Null Dereferences, it uncovered a broader systemic issue leading to additional Null Pointer Dereferences. The initial crash occurred when an out-of-bounds input accessor index was provided during the import phase. However, a separate class of triggers using a valid input index but an invalid output index bypassed the initial crash entirely, revealing further reachable flaws within the same logic structure.
Detailed Root Causes
1. Inconsistent State Creation: During the import phase, an out-of-bounds output accessor index causes the getAccessorElementCount function to return 0. This results in the creation of an AnimationCache object where the times vector is successfully populated (size > 0), but its corresponding values vector is left empty (size = 0, internal data pointer = nullptr). The import logic does not treat this data inconsistency as an error.
2. Unvalidated Trust in Downstream Code: The various serialization functions responsible for writing animation attributes (rotation, scale, translation) later process this poisoned AnimationCache. These functions independently check if the times vector is non-empty to determine if they should proceed. Finding that times exist, they all unconditionally assume their corresponding values vector is also valid and dereference its nullptr data pointer, causing a crash.
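The two null dereferences above and the systemic class they belong to share one mechanism, so here is a single added example in C++ covering both. It is not Apple's, Pixar's or Bynario's code: it models the silent-zero failure of getAccessorElementCount, the poisoned AnimationCache it produces, and a serializer that guards only on the times vector, beside a hardened version in which the count lookup fails explicitly, the import fails closed, and the serializer checks the vector it is about to read. The names getAccessorElementCount and AnimationCache follow the post; their definitions, the other names, and the constructed document are assumptions.

```cpp
// Added example (not Apple's, Pixar's or Bynario's code) modelling the error
// handling flaw described in the post: the bounds check exists, but its failure
// path returns 0, which the caller treats as a real count. The names
// getAccessorElementCount and AnimationCache follow the post; everything else
// here is hypothetical.
#include <cstddef>
#include <optional>
#include <vector>

struct Accessor { std::vector<float> data; };          // flattened accessor contents
struct GltfDoc  { std::vector<Accessor> accessors; };
struct AnimationSampler { int input; int output; };   // accessor indices from the file
struct AnimationCache   { std::vector<float> times; std::vector<float> values; };

// --- Before: the check is there, the error path is not ---------------------

size_t getAccessorElementCountSilent(const GltfDoc& doc, int idx) {
    if (idx < 0 || static_cast<size_t>(idx) >= doc.accessors.size()) return 0; // 0 looks like "no data"
    return doc.accessors[static_cast<size_t>(idx)].data.size();
}

// Import copies whatever the counts say. With an invalid output index, times is
// filled but values stays empty: the "Inconsistent State Creation" above.
AnimationCache importSamplerUnsafe(const GltfDoc& doc, const AnimationSampler& s) {
    AnimationCache cache;
    size_t nIn  = getAccessorElementCountSilent(doc, s.input);
    size_t nOut = getAccessorElementCountSilent(doc, s.output);
    for (size_t i = 0; i < nIn;  ++i) cache.times.push_back(doc.accessors[static_cast<size_t>(s.input)].data[i]);
    for (size_t i = 0; i < nOut; ++i) cache.values.push_back(doc.accessors[static_cast<size_t>(s.output)].data[i]);
    return cache;
}

// Serializer that guards only on `times`, then walks values.data(). For a
// never-allocated std::vector that pointer is null in common implementations, so
// on the poisoned cache this dereferences nullptr. Shown for illustration; do
// not call it on the output of importSamplerUnsafe for a crafted file.
float serializeRotationUnsafe(const AnimationCache& c) {
    if (c.times.empty()) return 0.0f;          // the only check
    const float* v = c.values.data();          // nullptr when values is empty
    float sum = 0.0f;
    for (size_t i = 0; i < c.times.size(); ++i) sum += v[i];   // null-pointer dereference
    return sum;
}

// Detects the inconsistent cache without touching values.data().
bool cacheIsPoisoned(const AnimationCache& c) {
    return !c.times.empty() && c.values.empty();
}

// --- After: a failure is a failure, and consumers re-check -----------------

std::optional<size_t> getAccessorElementCount(const GltfDoc& doc, int idx) {
    if (idx < 0 || static_cast<size_t>(idx) >= doc.accessors.size()) return std::nullopt;
    return doc.accessors[static_cast<size_t>(idx)].data.size();
}

// Import fails closed: any invalid index aborts, and a cache is only returned
// when times and values agree (for LINEAR and STEP interpolation a glTF
// sampler's input and output accessors must have the same count).
std::optional<AnimationCache> importSampler(const GltfDoc& doc, const AnimationSampler& s) {
    auto nIn  = getAccessorElementCount(doc, s.input);
    auto nOut = getAccessorElementCount(doc, s.output);
    if (!nIn || !nOut || *nIn == 0 || *nIn != *nOut) return std::nullopt;
    AnimationCache cache;
    cache.times  = doc.accessors[static_cast<size_t>(s.input)].data;
    cache.values = doc.accessors[static_cast<size_t>(s.output)].data;
    return cache;
}

// Downstream code does not trust the cache either: it checks the vector it is
// about to read, not a sibling.
std::optional<float> serializeRotation(const AnimationCache& c) {
    if (c.times.empty() || c.values.size() < c.times.size()) return std::nullopt;
    float sum = 0.0f;
    for (size_t i = 0; i < c.times.size(); ++i) sum += c.values[i];
    return sum;
}

// Constructed document: accessor 0 = keyframe times, accessor 1 = output values.
GltfDoc makeAnimDoc() {
    GltfDoc doc;
    doc.accessors.push_back(Accessor{ {0.0f, 0.5f, 1.0f} });
    doc.accessors.push_back(Accessor{ {10.0f, 20.0f, 30.0f} });
    return doc;
}
```

With a sampler of {input 0, output 9} against makeAnimDoc, importSamplerUnsafe yields a cache whose times has three entries and whose values is empty, exactly the state the serializers then crash on; importSampler returns std::nullopt for the same input. The fix has two independent halves on purpose: returning an error from the count lookup stops the bad state from being created, and re-checking values in each serializer means a future importer bug cannot reintroduce the crash.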
Final Thoughts
Discovering multiple vulnerabilities within the Apple ecosystem is a meaningful milestone for us. It is, without question, one of the most complex and well-engineered ecosystems in existence. The affected libusd library comprised over 200,000 functions in our analysis, a scale that would be impossible to reason about manually.
What keeps us motivated is tackling the problems that truly test our understanding of software. BynarIO is the result of that pursuit, a system built to reason about binaries the way a security researcher would.
If source code analysis represents visibility, binary analysis represents freedom: the ability to secure software you don't own or fully control.