Vulnerability reports currently affect hardware from both AMD and Intel. According to security researchers, the flaw affecting Intel's chipsets cannot even be closed.
According to Computerbase, exploiting the Intel flaw requires at least "local and physical access" to the PC, which clearly limits the possible attack scenarios. AMD, on the other hand, states that the security hole currently under discussion has been known for some time.
Intel CSME compromised
The security company Positive Technologies discovered the vulnerability CVE-2019-0090 in Intel hardware last year, but has now described the extent of the problem in detail:
- The vulnerability affects all currently available Intel chipsets and SoCs, with the exception of Ice Point (10th generation).
- It cannot be closed by a firmware update, because it is present in both the hardware and the firmware of the boot ROM.
- CVE-2019-0090 allows attackers to extract the chipset key stored in the PCH chip, which gives them access to data encrypted with that key. With the key, attackers can also pass off their own machine as the victim's computer.
- A compromise of the key cannot be detected.
- Among other things, the vulnerability allows DRM protections, the firmware TPM and Intel Identity Protection to be bypassed.
Researcher Mark Ermolov, who played a key role in discovering the flaw, writes in a blog post that the vulnerability jeopardizes »everything Intel did to build the root of trust and lay a solid security foundation for the company's platforms«.
Because the vulnerability allows an attack at the hardware level, »it destroys the chain of trust in the platform as a whole«.
AMD security hole "no problem" according to the manufacturer
Meanwhile, security researchers at Graz University of Technology and the University of Rennes have discovered another security vulnerability that affects AMD processors, including the current Ryzen models.
As Heise reports, attackers can mount two different attacks, including from JavaScript in a browser, to infer the memory accesses of other processes through the L1D cache way predictor:
- Collide + Probe – attacker and victim run on the same logical CPU core (time-sharing); no shared memory between them is required
- Load + Reload – attacker and victim run on the same physical CPU core on separate SMT threads
In its response to the researchers' findings, AMD stresses that these are not new speculation-based attack patterns and that existing mitigations protect against them.
The manufacturer therefore recommends that users keep the operating system up to date and always install the latest software, firmware and library updates.