Home
Artists
Search Recent Random
Posts
Search DMs Popular Hash Lookup Tags Random
Importer
Import FAQ
Register
Partychan Telegram ThePornDude
Home Artists Posts Import Register

Intel Plundervolt Attack- ThreatWire Crosspost (Patreon)

Published:
2019-12-17 15:39:20
Imported:
2023-11

Downloads

Content

By Shannon Morse, ThreatWire 

Researchers at three different universities in Europe, the University of Birmingham UK, KU Leuven of Belgium, and the Graz University of Technology in Austria, disclosed a high severity attack that impacts Intel desktop, server, and mobile CPUs. The researchers dubbed this attack Plundervolt since it works against Intel’s highly secured section of the CPU that controls voltage and frequency, even overclocking for gaming. The section is Intel’s Software Guard eXtensions or SGX for short. It’s part of all modern Intel CPUs that is used for voltage and frequency control, but also lets developers create secure enclaves. Developer enclaves are isolated at a hardware level on the CPU so changes don’t usually affect other parts of the machine, and it’s also encrypted.

The researchers found they could use two older, known, attacks to hit their target, the SGX. The two attacks used were Rowhammer, which was used for bitflipping, and Clockscrew, which uses the CPUs Dynamic Voltage and Frequency Scaling management system to take control of a computer. Combining parts of both of these attacks created Plundervolt, which can alter SGX data by changing the electrical voltage and frequency by using the CPU’s energy management system. Plundervolt doesn’t affect the SGX secrecy but it does add bugs to the data, so the output has errors. This could allow an attacker to extract an encryption key from the SGX.

Other than introducing errors in data that could affect encryption, Plundervolt works very quickly and efficiently, so unlike previous CPU attacks, this attack doesn’t crash a system. Luckily, though, it can’t be used remotely since Plundervolt requires a local app to run from on the infected machine. It also can’t be used from virtualized environments. It would likely only be used in targeted attacks.

The researchers have posted a proof of concept on github as of last week. Intel was notified in June of the issue and released CPU firmware and BIOS updates that patch Plundervolt. Since this affects Desktop, server, and mobile CPU’s, including Intel 6 - 10th generation processors, and Xeon processors, users should check their systems for updates as soon as possible.

Links

NEW!!! Shop ThreatWire Merch!

https://snubsie.com/shop

PlunderVolt:

https://plundervolt.com/

https://threatpost.com/intel-cpus-plundervolt-attack/151006/

https://arstechnica.com/information-technology/2019/12/scientists-pluck-crypto-keys-from-intels-sgx-by-tweaking-cpu-voltage/

https://www.zdnet.com/article/new-plundervolt-attack-impacts-intel-cpus/

https://github.com/KitMurdock/plundervolt

Comments

No comments found for this post.