Dark Reading is part of the Informa Tech Division of Informa PLC


12/11/2019
05:20 PM

Intel Issues Fix for 'Plundervolt' SGX Flaw

Researchers were able to extract an AES encryption key using SGX's voltage-tuning function.

Intel this week urged customers to apply a new firmware update that thwarts a new class of attack techniques exploiting the voltage adjustment feature in several families of its microprocessors.

Three different academic research teams separately found and reported to Intel a vulnerability in its Software Guard Extensions (SGX) security feature that could be abused by an attacker to inject malware and even steal encryption keys. SGX, which is baked into modern Intel microprocessors, places sensitive computations such as memory encryption and authentication in protected "enclaves" so attackers can't modify or access them. It allows frequency and voltage to be tuned for managing heat and power consumption of machines.

One group of researchers was able to lower the voltage on SGX-based systems - "undervolting" them - and force an error that let them recover the AES encryption key within a few minutes.

The INTEL-SA-00289 vulnerability lies in the Intel 6th, 7th, 8th, 9th, and 10th Generation Core Processors, as well as the Xeon Processor E3 v5 and v6 and the Xeon Processor E-2100 and E-2200 lines. 

Intel's security update disables the voltage-tuning function in SGX, basically locking down voltage to the default settings. The company advises applying the patch ASAP: "We are not aware of any of these issues being used in the wild, but as always, we recommend installing security updates as soon as possible," said Jerry Bryant, director of communications for Intel, in a blog post yesterday, pointing to a list of computer manufacturer support sites for update details.

'Plundervolt'
Researchers from the University of Birmingham's School of Computer Science, imec-DistriNet, and Graz University of Technology teamed up to study how to exploit the voltage feature in SGX in a project they dubbed "Plundervolt," which they plan to present at the IEEE Security & Privacy conference in May. They were the first to alert Intel to the vulnerability, in June 2019.

The team consists of Oswald, University of Birmingham's Kit Murdock and Flavio Garcia, imec-DistriNet's Jo Van Bulck and Frank Piessens, and Graz University's Daniel Gruss.

In August 2019, researchers from Technische Universität Darmstadt and University of California gave Intel a proof-of-concept of the vuln, and University of Maryland and Tsinghua University researchers disclosed the issue to Intel as well that month.

David Oswald, senior lecturer in Computer Security at the University of Birmingham and a member of the Plundervolt team, says the concept of "undervolting" had been known for some time, but it previously had only been executed via hardware, attaching an external power supply unit, for instance.

What's unique about Plundervolt and similar attacks is that they are mounted from software, Oswald says. "So we simply need to execute code on a target machine so it can do the undervolting" via the software interface, he says.

Even so, you need to gain administrative privileges to manipulate the voltage feature.

In a nutshell, here's how Plundervolt works: The researchers reduced the supply of voltage to the CPU in short bursts to avoid crashing the computer, which allowed them to flip a bit in some critical computations, such as AES encryption.

"You can flip a bit here and there to carry out an attack," he says. "There are tools on GitHub which you can use to carry out some mathematical analysis ... and then you can recover the [AES] key in minutes."

The researchers also were able to flip a bit in some computations to inject malicious code into the enclave, such as a buffer overflow exploit. 

The underlying vuln Plundervolt exploits is the ability for an admin to tune the voltage.

"It looks like it was an oversight. Probably one [Intel] group developed SGX and another the power management features like undervolting," Oswald says. "You have a very complex process developed by a lot of people. And you have a very big attack surface."

The undervolting attacks come on the heels of a wave of speculative execution attack research on Intel chips, such as Spectre and Foreshadow. The latter read data from an SGX enclave's memory while Plundervolt and others alter the values in the memory.

The researchers offer video clips and details, as well as their research paper, on a Plundervolt website they established.

Oswald's team next hopes to explore other instructions it can alter in SGX and to test other hardware platforms for similar weaknesses, possibly some smartphones. They also want to investigate another way to defend against Plundervolt-style attacks rather than just shutting off voltage tuning, as Intel has done.

"Maybe there's a more elegant way of defending against this without simply disabling undervolting," he says. "It has a good use," such as energy savings.

Even so, most end users don't employ SGX on their machines, he notes. While it comes in many laptop processors, for example, for the most part "it's not actively used" in those environments.

Don't Panic
Oswald believes undervolting attacks obviously aren't an imminent danger, but as operating systems become more secure, attackers will migrate more to hardware hacks.

"I think the researchers now are mainly ahead of the attackers," he says. "For nation-states, [for example], it's easier to buy a classic buffer overflow or something [else] than to do hardware-based attacks."

Richard Bejtlich, principal security strategist at Corelight, says Plundervolt demonstrates how academic researchers have found a real niche in CPU hacking. While academia often gets criticized for obscure or "out-of-touch" security research, he says, this type of hardware research resonates.

"I think when they focus on this hardware-level analysis, there's a really deep computer [science]," he says. "This seems to be something they are really good at."  


Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...
