Researchers have discovered a new vulnerability that affects Intel processors, and that, for now, has no solution.
A recent flaw in the ROM of the Converged Security and Management Engine (CSME) jeopardizes the security of some Intel processors.
This vulnerability was initially reported in June 2019. Although a patch was released to mitigate it, the reality is that the only solution is to upgrade to a tenth-generation Intel processor or opt for another brand.
To exploit this vulnerability, an attacker would need physical access to the machine; in theory, it cannot be exploited remotely.
How it works
According to the researchers, an attacker could manipulate the code of any firmware module in a way that authenticity checks cannot detect. The vulnerability affects the Intel CSME boot ROM and makes it possible to extract the chipset key and to manipulate part of the hardware key and the process of its generation. The flaw would also allow the execution of arbitrary code with zero-level privileges in the subsystem.
The vulnerability seemed harmless back in 2019. However, it has proved to be a real security issue for almost all new Intel processors.
Unfortunately, at the time of writing, Intel has no patch for this vulnerability. All you can do for now is either upgrade to a 10th-generation processor or buy another brand, which involves changing the motherboard because of socket compatibility.
This vulnerability affects all Intel processors manufactured in the last five years except the tenth generation. The researchers have also determined that the vulnerability is still present even with the latest firmware version available.
According to the researchers, it is impossible to correct firmware errors that are encoded in the ROM. This vulnerability compromises the equipment at the hardware level. The problem for Intel is that the CSME subsystem is the basis of the hardware security technologies developed by the company.
The CSME is one of the first systems to run and is responsible for loading and verifying all computer firmware. Examples include the UEFI BIOS firmware and the firmware of the power management controller, which regulates the processor power supply.
If an adversary obtains the chipset key, they can decrypt any data encrypted using Intel Platform Trust Technology (PTT).
Although the chipset key is encrypted within OTP memory, it is only a matter of time before attackers extract it.
Intel advises users to prevent physical access to their devices, to install updates as soon as they become available, and to ensure that they can detect and prevent intrusions and exploitation. Well, sounds like a good time to have installed CyberEasy.