Intel CPU Flaw

Intel CPU Flaw

Intel CPU Flaw- All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled security technology that are otherwise designed to shield sensitive data of users even when a system gets compromised.

The vulnerability, tracked as CVE-2019-0090, resides in the hard-coded firmware running on the ROM (“read-only memory”) of the Intel’s Converged Security and Management Engine (CSME), which can’t be patched without replacing the silicon.

Intel CSME is a separate security micro-controller incorporated into the processors that provides an isolated execution environment protected from the host opening system running on the main CPU.

It is responsible for the initial authentication of Intel-based systems by loading and verifying firmware components, root of trust based secure boot, and also cryptographically authenticates the BIOS, Microsoft System Guard, BitLocker, and other security features.

Although this insufficient access control vulnerability is not new and was previously patched by Intel last year when the company described it just as a privilege escalation and arbitrary code execution in Intel CSME firmware modules, the extent of the flaw remained undervalued.

Researchers at Positive Technologies have now found that the issue can also be exploited to recover the Chipset Key, a root cryptographic key or sort of a master password that could help unlock and compromise a chain of trust for other security technologies, including digital rights management (DRM), firmware Trusted Platform Module (TPM), and Identity Protection Technology (IPT).

That means the flaw could be exploited to extract data from encrypted hard-drives and to bypass DRM protections and access copyright-protected digital content.

Read more at The Hacker News

Leave a Reply

Your email address will not be published.