Researchers have found a nasty bug in an essential component that is at the base of the entire cryptographic chain of trust in Intel systems. This vulnerability allowed to decrypt or modify everything on a machine.
Bad news for Intel chip users. Security researchers at Positive Technologies have discovered a flaw in the Boot ROM of the Converged Security and Management Engine (CSME), a hardware memory component that is the basis of the entire cryptographic chain of trust for Intel computers. Executed at the very start of startup, this software – which is therefore impossible to correct – will generate the Trusted Platform Module (TPM), a special memory area that allows encryption keys to be stored securely.
The CSME is also the cryptographic sponsor of the UEFI firmware (the successor to the BIOS) and of the Power Management Controller. In addition, it implements functions called “Enhanced Privacy ID”, which allow authentication of other protection systems on the computer, for example dedicated to securing content protected by copyright (DRM) or financial transactions.
This flaw concerns all recent Intel chips, with the exception of the latest generation. It modifies the execution of CSME and potentially affects the security of all of these technologies that depend on it. In particular, it would allow access to a hardware encryption key used to encrypt the Chipset Key, a master key used to generate all other encryption keys. “However, this [hardware] key is not specific to the platform. A single key is used for a whole generation of Intel chipsets (…). We believe that extracting this key is only a matter of time. When this happens, total chaos will reign. Hardware identifiers will be falsified, protected digital content will be extracted, and encrypted data from hard drives will be decrypted, ”said Positive Technologies in a blog note. As this flaw is at the hardware level, the only solution to permanently remove the risk would be to change the hardware. Contacted by Positive Technologies, Intel nevertheless seeks to play down the situation. The American giant was already aware of this flaw, which was referenced under the number CVE-2019-0090. In a press release sent to Ars Technica, he believes that it can only be exploited through “physical access and special equipment”. A patch was also released in 2019 to prevent potential attack
But Positive Technologies believes that the Intel patch covers only one attack vector, and that there are many more. In addition, operation would not necessarily require physical access, but could be done through “local access”. According to ZDnet, who spoke with one of the researchers, that means malware with root privileges or BIOS access could do the trick. Positive Technologies plans to publish a white paper soon which should provide more technical details on the subject.
Sources: Ars Technica