Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/11/2019
05:20 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Intel Issues Fix for 'Plundervolt' SGX Flaw

Researchers were able to extract AES encryption key using SGX's voltage-tuning function.

Intel this week urged customers to apply a new firmware update that thwarts a new class of attack techniques exploiting the voltage adjustment feature in several families of its microprocessors.

Three different academic research teams separately found and reported to Intel a vulnerability in its Software Guard Extensions (SGX) security feature that could be abused by an attacker to inject malware and even steal encryption keys. SGX, which is baked into modern Intel microprocessors, places sensitive computations such as memory encryption and authentication in protected "enclaves" so attackers can't modify or access them. It allows frequency and voltage to be tuned for managing heat and power consumption of machines.

One group of researchers was able to lower the voltage on SGX-based systems - "undervolting" them - and allowing them to force an error that resulted in their recovering the AES encryption key within a few minutes.

The INTEL-SA-00289 vulnerability lies in the Intel 6th, 7th, 8th, 9th, and 10th Generation Core Processors, as well as the Xeon Processor E3 v5 and v6 and the Xeon Processor E-2100 and E-2200 lines. 

Intel's security update disables the voltage-tuning function in SGX, basically locking down voltage to the default settings. The company advises applying the patch ASAP: "We are not aware of any of these issues being used in the wild, but as always, we recommend installing security updates as soon as possible," said Jerry Bryant, director of communications for Intel, in blog post yesterday, pointing to a list of computer manufacturer support sites for update details.

'Plundervolt'
Researchers from the University of Birmingham's School of Computer Science, imec-DistriNet, and Graz University of Technology teamed up to study how to exploit the voltage feature in SGX in a project they dubbed "Plundervolt," which they plan to present at the IEEE Security & Privacy conference in May. They were the first to alert Intel to the vulnerability, in June 2019.

The team consists of Oswald, University of Birmingham's Kit Murdock and Flavio Garcia, imec-DistriNet's Jo Van Bulck and Frank Piessens, and Graz University's Daniel Gruss.

In August 2019, researchers from Technische Universität Darmstadt and University of California gave Intel a proof-of-concept of the vuln, and University of Maryland and Tsinghua University researchers disclosed the issue to Intel as well that month.

David Oswald, senior lecturer in Computer Security at the University of Birmingham and a member of the Plundervolt team, says the concept of "undervolting" had been known for some time, but it previously had only been executed via hardware, attaching an external power supply unit, for instance.

What's unique about Plundervolt and similar attacks is that they are mounted from software, Oswald says. "So we simply need to execute code on a target machine so it can do the undervolting" via the software interface, he says.

Even so, you need to gain administrative privileges to manipulate the voltage feature.

In a nutshell, here's how Plundervolt works: The researchers reduced the supply of voltage to the CPU in short bursts to avoid crashing the computer, which allowed them to flip a bit in some critical computations, such as AES encryption.

"You can flip a bit here and there to carry out an attack," he says. "There are tools on Github which you can use to carry out some mathematical analysis ... and then you can recover the [AES] key in minutes."

The researchers also were able to flip a bit in some computations to inject malicious code into the enclave, such as a buffer overflow exploit. 

The underlying vuln Plundervolt exploits the ability for an admin to tune the voltage.

"It looks like it was an oversight. Probably one [Intel] group developed SGX and another the power management features like undervolting," Oswald says. "You have a very complex process developed by a lot of people. And you have a very big attack surface."

The undervolting attacks come on the heels of a wave of speculative execution attack research on Intel chips, such as Spectre and Foreshadow. The latter read data from an SGX enclave's memory while Plundervolt and others alter the values in the memory.

The researchers offer video clips and details, as well as their research paper, on a Plundervolt website they established.

Oswald's team next hopes to explore other instructions it can alter in SGX and to test other hardware platforms for similar weaknesses, possibly some smartphones. They also want to investigate another way to defend against Plundervolt-style attacks rather than just shutting it off like Intel has done.

"Maybe there's a more elegant way of defending against this without simply disabling undervolting," he says. "It has a good use," such as energy savings.

Even so, most end users don't employ SGX on their machines, he notes. While it comes in many laptop processors, for example, for the most part "it's not actively used" in those environments.

Don't Panic
Oswald believes undervolting attacks obviously aren't an imminent danger, but as operating systems become more secure, attackers will migrate more to hardware hacks.

"I think the researchers now are mainly ahead of the attackers," he says. "For nation-states, [for example], it's easier to buy a classic buffer overflow or something [else] than to do hardware-based attacks."

Richard Bejtlich, principal security strategist at Corelight, says Plundervolt demonstrates how academic researchers have found a real niche in CPU hacking. While academia often gets criticized for obscure or "out-of-touch" security research, he says, this type of hardware research resonates.

"I think when they focus on this hardware-level analysis, there's a really deep computer [science]," he says. "This seems to be something they are really good at."  

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "The Next Security Silicon Valley: Coming to a City Near You?"

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15058
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
CVE-2020-15059
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
CVE-2020-15060
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
CVE-2020-15061
PUBLISHED: 2020-08-07
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.
CVE-2020-15062
PUBLISHED: 2020-08-07
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.