Security researchers are warning of a major new security flaw inside Intel processors, and it could defeat hardware-based encryption and DRM protections. The flaw exists at the hardware level of modern Intel processors released in the last five years, and could allow attackers to create special malware (like keyloggers) that runs at the hardware level and is undetectable by traditional antivirus systems. Intel’s latest 10th Gen processors are not vulnerable, though.
Security firm Positive Technologies discovered the flaw, and is warning that it could break apart a chain of trust for important technology like silicon-based encryption, hardware authentication, and modern DRM protections. “This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” explains security researcher Mark Ermolov.
The root of the flaw is Intel’s Converged Security Management Engine (CSME), the part of Intel’s chips that’s responsible for securing all firmware that runs on Intel-powered machines. Intel has previously patched vulnerabilities in the CSME, but the researchers warn the CSME firmware is unprotected early on when a system boots so it’s still vulnerable to attacks.
“The problem is not only that it is impossible to fix firmware errors that are hard-coded in the Mask ROM of microprocessors and chipsets,” warns Ermolov. “The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole.”
Successful attacks would require skill and in most cases physical access to a machine, but some could be performed by other malware bypassing OS-level protections to perform local attacks. This could lead to data from encrypted hard disks being decrypted, forged hardware IDs, and even the ability to extract digital content protected by DRM.
Intel has downplayed the new security vulnerability, noting it would likely require specialized hardware and physical access. “Intel was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine in which an unauthorized user with specialized hardware and physical access may be able to execute arbitrary code within the Intel CSME subsystem on certain Intel products,” says an Intel spokesperson in a statement to Ars Technica. “Intel released mitigations and recommends keeping systems up-to-date. Additional guidance specific to CVE-2019-0090 can be found here.”
Positive Technologies plans to “provide more technical details” in a white paper that’s due to be published soon, which will allow other security researchers to dig deeper into the findings. “Intel understands they cannot fix the vulnerability in the ROM of existing hardware. So they are trying to block all possible exploitation vectors,” explains Ermolov. “We think there might be many ways to exploit this vulnerability in ROM. Some of them might require local access; others need physical access.”
Intel has been struggling with its processor security flaws recently. The initial discovery of the Meltdown and Spectre processor vulnerabilities back in January 2018 led to additional flaws. Researchers warned that variants and other consequences of the bug would appear for years to come, and we’re still seeing the repercussions more than two years later. Intel has attempted to mitigate most flaws with patches, but only newer processors will escape these vulnerabilities thanks to new security designs.