Security firm Positive Technologies has discovered a vulnerability in Intel’s processors launched within the past five years which allows malicious parties to extract the chipset key and obtain access to user data.
Such a breach is impossible to detect, the security firm said.
“With the chipset key, attackers can decrypt data stored on a target computer and even forge its Enhanced Privacy ID (EPID) attestation, or in other words, pass off an attacker computer as the victim’s computer.”
Positive Technologies explained that EPID is used in DRM, financial transactions, and attestation of IoT devices.
How it works
“Attackers can obtain the key in many different ways,” said Positive Technologies lead specialist of OS and hardware security Mark Ermolov.
“For example, they can extract it from a lost or stolen laptop in order to decrypt confidential data. Unscrupulous suppliers, contractors, or even employees with physical access to the computer can get hold of the key.”
“In some cases, attackers can intercept the key remotely, provided they have gained local access to a target PC as part of a multistage attack, or if the manufacturer allows remote firmware updates of internal devices, such as Intel Integrated Sensor Hub.”
Positive Technologies said attackers can also exploit the vulnerability on their own computers to bypass content DRM and make illegal copies of software. It also allows for code execution at the zero-level of privilege of Intel Converged Security and Management Engine (CSME).
Intel has recommended that affected users contact their device or motherboard manufacturer to get security updates for the issue.
However, it is impossible to fully fix this vulnerability.
“Since it is impossible to fully fix the vulnerability by modifying the chipset ROM, Positive Technologies experts recommend disabling Intel CSME based encryption of data storage devices or considering migration to tenth-generation or later Intel CPUs,” Positive Technologies said.