• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

5 years of Intel CPUs and chipsets have a concerning flaw that’s unfixable

Joined
Mar 6, 2017
Messages
3,332 (1.18/day)
Location
North East Ohio, USA
System Name My Ryzen 7 7700X Super Computer
Processor AMD Ryzen 7 7700X
Motherboard Gigabyte B650 Aorus Elite AX
Cooling DeepCool AK620 with Arctic Silver 5
Memory 2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s) XFX AMD Radeon RX 7900 GRE
Storage Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s) Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case Lian Li LANCOOL II MESH C
Audio Device(s) On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply MSI A850GF
Mouse Logitech M705
Keyboard Steelseries
Software Windows 11 Pro 64-bit
Benchmark Scores https://valid.x86.fr/liwjs3
Last edited:
Joined
Jun 3, 2010
Messages
2,540 (0.48/day)
Kinda old.
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
Please put any original thought into your posts or the thread will be locked please.
 
Joined
May 30, 2015
Messages
1,928 (0.56/day)
Location
Seattle, WA
How? Arstechnica just published that article today.

They're late to reporting on it. The company that 'discovered' it, Positive Technologies, even addresses that the flaw is the same as CVE-2019-0090 which Intel already has mitigations for.

" We should point out that when our specialists contacted Intel PSIRT to report the vulnerability, Intel said the company was already aware of it (CVE-2019-0090). Intel understands they cannot fix the vulnerability in the ROM of existing hardware. So they are trying to block all possible exploitation vectors. The patch for CVE-2019-0090 addresses only one potential attack vector, involving the Integrated Sensors Hub (ISH). We think there might be many ways to exploit this vulnerability in ROM. Some of them might require local access; others need physical access. "
 
Joined
Dec 31, 2009
Messages
19,371 (3.56/day)
Benchmark Scores Faster than yours... I'd bet on it. :)
Kinda old.
Is this the same issue? I see a cve in yours but not one in the OP's link.

Edit: ahh ha! (CVE-2019-0090)

Not the same. ;)
 
Last edited:
Joined
Jan 16, 2008
Messages
1,349 (0.22/day)
Location
Milwaukee, Wisconsin, USA
Processor i7-3770K
Motherboard Biostar Hi-Fi Z77
Cooling Swiftech H20 (w/Custom External Rad Enclosure)
Memory 16GB DDR3-2400Mhz
Video Card(s) Alienware GTX 1070
Storage 1TB Samsung 850 EVO
Display(s) 32" LG 1440p
Case Cooler Master 690 (w/Mods)
Audio Device(s) Creative X-Fi Titanium
Power Supply Corsair 750-TX
Mouse Logitech G5
Keyboard G. Skill Mechanical
Software Windows 10 (X64)
This is also being reported in several other major news publications today, so while it may be old news, it's still current.

Please put any original thought into your posts or the thread will be locked please.

The way you've stated this seems insulting.
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
The way you've stated this seems insulting.

I am sorry you took it as such. I meant to include thoughts on the matter in the OP.
 
Joined
Jul 5, 2013
Messages
27,829 (6.68/day)
Is this the same issue? I see a cve in yours but not one in the OP's link.

Edit: ahh ha! (CVE-2019-0090)

Not the same. ;)
You beat me to that one. This seems to be a new problem.

@trparky
Mitigation is the same as any of the rest of the vulnerabilities relating to Intel ME: disable the hardware, uninstall any relating drivers and software and use a network device not wired(built-on) to the motherboard itself. These steps will completely mitigate the vulnerabilities relating to this new discovery.
 
Joined
Mar 10, 2015
Messages
3,984 (1.12/day)
System Name Wut?
Processor 3900X
Motherboard ASRock Taichi X570
Cooling Water
Memory 32GB GSkill CL16 3600mhz
Video Card(s) Vega 56
Storage 2 x AData XPG 8200 Pro 1TB
Display(s) 3440 x 1440
Case Thermaltake Tower 900
Power Supply Seasonic Prime Ultra Platinum
Kinda old.
They're late to reporting on it.
This is also being reported in several other major news publications today, so while it may be old news, it's still current.

The CVEs are clearly different so these are clearly not the same issue so clearly not old. The one I reposted does not have any mention of CVE-2019-0090 which is what the OP is about.
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
ME, may be a case in itself, but with SaaS and other cloud based software providers and services it inevitably leads to higher server density, and I am curious how oob/lights out management systems take the fight in a more security aware world.

IPMI
iLO
iDRAC

Just to name a few stand from vluns that are just as bad as some of the Intel ME ones. Full KVM access to a server is a big deal and coveted I imagine.

Even if it doesnt lead to any data loss/breach (and its hard not to imagine) I can't imagine the other kinds of disruption that could stem from those systems being broken into. Even if its just some skiddies sending a ACPI shutdown.
 
Joined
May 30, 2015
Messages
1,928 (0.56/day)
Location
Seattle, WA
The CVEs are clearly different so these are clearly not the same issue so clearly not old. The one I reposted does not have any mention of CVE-2019-0090 which is what the OP is about.


This is the direct report on the vulnerability by Positive Technologies where they themselves state it is the same vulnerability as outlined in CVE-2019-0090.

The Ars Technica article also says the same if you read down to the bottom, with statements from intel and links to CVE-2019-0090 mitigation downloads.

They simply exploited another attack vector, but it's the same vulnerability.
 
Joined
Mar 10, 2015
Messages
3,984 (1.12/day)
System Name Wut?
Processor 3900X
Motherboard ASRock Taichi X570
Cooling Water
Memory 32GB GSkill CL16 3600mhz
Video Card(s) Vega 56
Storage 2 x AData XPG 8200 Pro 1TB
Display(s) 3440 x 1440
Case Thermaltake Tower 900
Power Supply Seasonic Prime Ultra Platinum

This is the direct report on the vulnerability by Positive Technologies where they themselves state it is the same vulnerability as outlined in CVE-2019-0090.

The Ars Technica article also says the same if you read down to the bottom, with statements from intel and links to CVE-2019-0090 mitigation downloads.

They simply exploited another attack vector, but it's the same vulnerability.

CVEs don't generally get duplicated - a different CVE is a different flaw.

EDIT: No, these are different. The CVE from my repost targets this Intel SA: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html which is Intel-SA-00307. While the CVE in the OP is covered by this SA: https://www.intel.com/content/www/us/en/support/articles/000033416/technologies.html which is Intel-SA-00213
 
Last edited:
Joined
Jun 29, 2007
Messages
1,246 (0.20/day)
Location
Repentigny, QC, CANADA
System Name CTG Computer
Processor AMD Ryzen 5 7600
Motherboard Asrock B650M PRO RS WIFI
Cooling Thermalright PA120 SE
Memory 2x 16gb G.SKILL F5-6000J3038F16GX2-FX5
Video Card(s) Gigabyte RX6800XT Gaming OC
Storage WD Black SN850X 2TB
Display(s) MAG274QRF-QD | Asus vg248qe
Case SAMA IM01
Audio Device(s) Creative SoundBlasterx G6
Power Supply Corsair SF750
Mouse Logitech G pro Wireless
Keyboard Corsair Strafe RGB MK2
Software Windows 11 Pro x64
ME, may be a case in itself, but with SaaS and other cloud based software providers and services it inevitably leads to higher server density, and I am curious how oob/lights out management systems take the fight in a more security aware world.

IPMI
iLO
iDRAC

Just to name a few stand from vluns that are just as bad as some of the Intel ME ones. Full KVM access to a server is a big deal and coveted I imagine.

Even if it doesnt lead to any data loss/breach (and its hard not to imagine) I can't imagine the other kinds of disruption that could stem from those systems being broken into. Even if its just some skiddies sending a ACPI shutdown.


You could shutdown a server, without access to an iDRAC, iLo, or any other.

Having an access to a Managed PDU, UPS, user/password of the Hypervisor/OS... This is the main reason why you set ACL on the management of any device. You never let non admin IP having access to this. It needs to be behind a firewall, in a different vlan, etc.

Intel ME, can be active on normal computer. You need to disable this, at any time.
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
Intel ME, can be active on normal computer. You need to disable this, at any time.

Meh, the same could be said for ME (it is OOB). You can even take it a step further too in reality, someone will leverage any of the far easier network/OS level exploits before they hit the jackpot with IPMI.

Doesn't change the fact ME has the vulnerability, doesn't change the fact that im still curious. A quick scan or probe on shodan and you would be surprised the amount of idiots with any OOB technology open to the world.
 
Joined
Mar 10, 2015
Messages
3,984 (1.12/day)
System Name Wut?
Processor 3900X
Motherboard ASRock Taichi X570
Cooling Water
Memory 32GB GSkill CL16 3600mhz
Video Card(s) Vega 56
Storage 2 x AData XPG 8200 Pro 1TB
Display(s) 3440 x 1440
Case Thermaltake Tower 900
Power Supply Seasonic Prime Ultra Platinum
A quick scan or probe on shodan and you would be surprised the amount of idiots with any OOB technology open to the world.

Are you really that surprised though?
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
Are you really that surprised though?

Man I wish I was. Probably wouldn't have a career if people weren't dumb though.

With Intel ME. I don't think it's ME itself, or rather I don't think it's the idea of ME. I think at this point though there will be cve after cve. It's the implementation that is broken. Hardware that is simply not physically architected securely enough.

I want to be fair here. Everyone keeps bashing ME. I get it and it's deserved. I hope though that the users have the clairvoyance to see it for what it is though. Let's take this for example.

They have a hardware problem, physical architecture allows arbitrary exploitation.

They patch it with software because they can't rewire it.

A vlun is found in the patch
A new patch is issued.
They leverage other software that is trusted to bypass the patch.

They are reported to have 4 problems including the initial CVE. However, these are all problems based on the same hardware.

Things like this are just unavoidable, regardless of manufacturer. Once you have a hardware fault you simply move the method of exploitation up a level. They moved it from hardware to software, now it will be patch after patch. There will generally always be a way via proxy or otherwise. This specific arch implementation if ME is toast.

That doesn't mean the next will be though. All platforms new and old deserve scrutiny. So I have no doubts the next gen ME platform will be looked at under a microscope by company management/engineers and by the public at large.

That doesn't mean they are the same problems though. That doesn't mean that all MEs are the same.

I hope that the clarification is given (as it often is I guess) about the differences in nature between new products and past problems. The security industry let alone just public users deserve to have an open mind regardless of preference if only to find more issues with new platforms.
 
Joined
Apr 12, 2013
Messages
7,532 (1.77/day)
This is the direct report on the vulnerability by Positive Technologies where they themselves state it is the same vulnerability as outlined in CVE-2019-0090.

The Ars Technica article also says the same if you read down to the bottom, with statements from intel and links to CVE-2019-0090 mitigation downloads.

They simply exploited another attack vector, but it's the same vulnerability.
So it wasn't fully patched, just like the slew of half baked patches which Intel released last year & tried to bribe the researches to not disclose other attack vectors. In short this is NEW :)
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
So it wasn't fully patched, just like the slew of half baked patches which Intel released last year & tried to bribe the researches to not disclose other attack vectors. In short this is NEW :)

Blah have any of the ME patches affect performance yet? I think several of them have been OS level mitigation’s.
 
Joined
Apr 12, 2013
Messages
7,532 (1.77/day)
Blah have any of the ME patches affect performance yet? I think several of them have been OS level mitigation’s.
That wasn't ME from what I remember ~
And I'll put it bluntly, corporate doublespeak is not fine IMO but this was a lie!
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
26,967 (3.83/day)
Location
Alabama
System Name RogueOne
Processor Xeon W9-3495x
Motherboard ASUS w790E Sage SE
Cooling SilverStone XE360-4677
Memory 128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 2TB WD SN850X | 2x 8TB GAMMIX S70
Display(s) 49" Philips Evnia OLED (49M2C8900)
Case Thermaltake Core P3 Pro Snow
Audio Device(s) Moondrop S8's on schitt Gunnr
Power Supply Seasonic Prime TX-1600
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Moondrop Luna lights
VR HMD Quest 3
Software Windows 11 Pro Workstation
Benchmark Scores I dont have time for that.
That wasn't ME from what I remember ~

Huh, I already knew of spectre and mitre etc, but I was under the impression ME patches had entered the user space.

Probably a good thing they haven't. Performance loss at this point can be pretty jarring for certain workloads. I wouldn't be surprised if some tool was made by now that disabled them though. (Assuming a software work around is in play and people don't have updated BIOS.)

EDIT:: Looks like Inspectre does this now. Could have sworn it just checked in earlier versions. https://www.grc.com/inspectre.htm
 
Last edited:
Joined
Jun 29, 2007
Messages
1,246 (0.20/day)
Location
Repentigny, QC, CANADA
System Name CTG Computer
Processor AMD Ryzen 5 7600
Motherboard Asrock B650M PRO RS WIFI
Cooling Thermalright PA120 SE
Memory 2x 16gb G.SKILL F5-6000J3038F16GX2-FX5
Video Card(s) Gigabyte RX6800XT Gaming OC
Storage WD Black SN850X 2TB
Display(s) MAG274QRF-QD | Asus vg248qe
Case SAMA IM01
Audio Device(s) Creative SoundBlasterx G6
Power Supply Corsair SF750
Mouse Logitech G pro Wireless
Keyboard Corsair Strafe RGB MK2
Software Windows 11 Pro x64
Meh, the same could be said for ME (it is OOB). You can even take it a step further too in reality, someone will leverage any of the far easier network/OS level exploits before they hit the jackpot with IPMI.

Doesn't change the fact ME has the vulnerability, doesn't change the fact that im still curious. A quick scan or probe on shodan and you would be surprised the amount of idiots with any OOB technology open to the world.

Any code have a Vulnerability. That is not the question. Even without any IPMI, you could it the jackpot. Someone that wants to reach the core of a business, will to do, whatever it takes. You can just slow him and if you have a reactive team, block it, before there is too much damage.

You just said "amount of idiots", That's because IT has become for everyone, and people don't understand. Add Cloud to all of this, we have alot of problem.

Man I wish I was. Probably wouldn't have a career if people weren't dumb though.

With Intel ME. I don't think it's ME itself, or rather I don't think it's the idea of ME. I think at this point though there will be cve after cve. It's the implementation that is broken. Hardware that is simply not physically architected securely enough.

I want to be fair here. Everyone keeps bashing ME. I get it and it's deserved. I hope though that the users have the clairvoyance to see it for what it is though. Let's take this for example.

They have a hardware problem, physical architecture allows arbitrary exploitation.

They patch it with software because they can't rewire it.

A vlun is found in the patch
A new patch is issued.
They leverage other software that is trusted to bypass the patch.

They are reported to have 4 problems including the initial CVE. However, these are all problems based on the same hardware.

Things like this are just unavoidable, regardless of manufacturer. Once you have a hardware fault you simply move the method of exploitation up a level. They moved it from hardware to software, now it will be patch after patch. There will generally always be a way via proxy or otherwise. This specific arch implementation if ME is toast.

That doesn't mean the next will be though. All platforms new and old deserve scrutiny. So I have no doubts the next gen ME platform will be looked at under a microscope by company management/engineers and by the public at large.

That doesn't mean they are the same problems though. That doesn't mean that all MEs are the same.

I hope that the clarification is given (as it often is I guess) about the differences in nature between new products and past problems. The security industry let alone just public users deserve to have an open mind regardless of preference if only to find more issues with new platforms.

I understand this point, I am not bashing Intel ME, I just think that for a computer, that can go anywhere, connect to any network, this shouldn't be enabled. Like I said, there is bug everywhere. Just like HP iLO 4 firmware version 2.54, typing A 29 times, bypass security :) There is exploit everywher,e you just can reduce the access to these device, and you have mostly no damage possible, except if one of your IT computer gets compromised.
 
Joined
Oct 26, 2016
Messages
1,788 (0.61/day)
Location
BGD
System Name Minotaur
Processor Intel I9 7940X
Motherboard Asus Strix Rog Gaming E X299
Cooling BeQuiet/ double-Fan
Memory 192Gb of RAM DDR4 2400Mhz
Video Card(s) 1)RX 6900XT BIOSTAR 16Gb***2)MATROX M9120LP
Storage 2 x ssd-Kingston 240Gb A400 in RAID 0+ HDD 500Gb +Samsung 128gbSSD +SSD Kinston 480Gb
Display(s) BenQ 28"EL2870U(4K-HDR) / Acer 24"(1080P) / Eizo 2336W(1080p) / 2x Eizo 19"(1280x1024)
Case NZXT H5 Flow
Audio Device(s) Realtek/Creative T20 Speakers
Power Supply F S P Hyper S 700W
Mouse Asus TUF-GAMING M3
Keyboard Func FUNC-KB-460/Mechanical Keyboard
VR HMD Oculus Rift DK2
Software Win 11
Benchmark Scores Fire Strike=23905,Cinebench R15=3167,Cinebench R20=7490.Passmark=30689,Geekbench4=32885
Top