
Intel Hardware-Based Cryptography ‘At Risk’ From New Flaw

Intel has acknowledged a flaw in its processors that could allow attackers to bypass security controls including hardware-based encryption and digital rights management (DRM).

The company said exploitation of the issue in its Converged Security Management Engine (CSME) would likely require specialised equipment and physical access.

But the security researchers who discovered the flaw were less sanguine, arguing it is impossible to entirely fix.

Positive Technologies said that the issue affects all Intel chips manufactured in the past five years, and advised users to replace affected units with the company’s latest 10th Gen processors, which are not vulnerable.

Root cryptographic key

“Intel understands they cannot fix the vulnerability in the ROM of existing hardware. So they are trying to block all possible exploitation vectors,” said Positive researcher Mark Ermolov in an advisory.

Intel’s existing patches only address one means of attack, while many others are likely to exist, Ermolov said.

Some of these may be exploitable via malware installed on a system, without requiring an attacker to have physical access to that system, he said.

The problem is that the CSME firmware is unprotected early in the boot process, which leaves it vulnerable to attack.

It is only a “matter of time” before attackers are able to extract the Chipset Key, the root cryptographic key that’s the basis for other hardware-based security controls, including hardware-based encryption and DRM, Ermolov argued.

Extracting that key would allow attackers to forge hardware IDs, extract DRM-protected content and decrypt encrypted hard drives, he said – a situation he described as “utter chaos”.

Chain of trust

“The problem is not only that it is impossible to fix firmware errors that are hard-coded in the Mask ROM of microprocessors and chipsets,” Ermolov said.

“The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole.”

He said the vulnerability jeopardises everything Intel has done to “build the root of trust and lay a solid security foundation” for its platforms.

Intel downplayed the seriousness of the issue, designated CVE-2019-0090, saying exploitation would require “specialised hardware” and physical access, and noting that it has already released mitigations.

The company urged users to keep their systems up to date.

Positive Technologies said it plans to provide “more technical details” on the vulnerability in a white paper to be published soon.

Matthew Broersma

Matt Broersma is a long-standing tech freelance who has worked for Ziff-Davis, ZDnet and other leading publications.
