• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Researchers Find Unfixable Vulnerability Inside Intel CPUs

What a sick burn! Too bad that this allows for things to happen even without physical access.

Currently, CVE-2019-0090 states that exploiting this requires physical access to the target machine.

They are still exploring how to exploit this through a virtual machine (since they use IOMMUs to map out to the memory), but the exploit needing DMA to get into the Intel CSME makes that difficult without directly connecting to the hardware.
 
Currently, CVE-2019-0090 states that exploiting this requires physical access to the target machine.

They are still exploring how to exploit this through a virtual machine (since they use IOMMUs to map out to the memory), but the exploit needing DMA to get into the Intel CSME makes that difficult without directly connecting to the hardware.
Yes, the CVE states that that method does require physical access. The attack vector however is visible even without it, they just haven’t had the resources to make a proof of concept(s) yet which are necessary for the CVE’s.
”We think there might be many ways to exploit this vulnerability in ROM. Some of them might require local access; others need physical access.”
 
What a sick burn! Too bad that this allows for things to happen even without physical access.

Sort of. If you can execute local admin level code somehow, you don't need physical access. But how do you get that? Likely malware infection or similar. For a healthy system you are going to need physical access or at the very least, social engineering.

I might note that bug would be rendered powerless by using the ME "Temp disable" (actually permanent) mode I used to provide. They'd log into a shutdown platform, effectively (if it even allowed login). I need to think of a way to provide that that doesn't require firmware hacking, too time consuming.
 
So, much ado about nothing, since physical access is required.


Is anyone still using that?

Yes, and it's gaining traction as more companies switch to mobile centric operating models. You're probably think Java, unless you were being sarcastic, don't mind me.
 
I posted this in another thread but it's relevant here as well. They touch on every important aspect and explain a few things in some detail.
Please refer to the first topic starting at 1:56
 
Back
Top