Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12/11/2019
05:20 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Intel Issues Fix for 'Plundervolt' SGX Flaw

Researchers were able to extract AES encryption key using SGX's voltage-tuning function.

Intel this week urged customers to apply a new firmware update that thwarts a new class of attack techniques exploiting the voltage adjustment feature in several families of its microprocessors.

Three different academic research teams separately found and reported to Intel a vulnerability in its Software Guard Extensions (SGX) security feature that could be abused by an attacker to inject malware and even steal encryption keys. SGX, which is baked into modern Intel microprocessors, places sensitive computations such as memory encryption and authentication in protected "enclaves" so attackers can't modify or access them. It allows frequency and voltage to be tuned for managing heat and power consumption of machines.

One group of researchers was able to lower the voltage on SGX-based systems - "undervolting" them - and allowing them to force an error that resulted in their recovering the AES encryption key within a few minutes.

The INTEL-SA-00289 vulnerability lies in the Intel 6th, 7th, 8th, 9th, and 10th Generation Core Processors, as well as the Xeon Processor E3 v5 and v6 and the Xeon Processor E-2100 and E-2200 lines. 

Intel's security update disables the voltage-tuning function in SGX, basically locking down voltage to the default settings. The company advises applying the patch ASAP: "We are not aware of any of these issues being used in the wild, but as always, we recommend installing security updates as soon as possible," said Jerry Bryant, director of communications for Intel, in blog post yesterday, pointing to a list of computer manufacturer support sites for update details.

'Plundervolt'
Researchers from the University of Birmingham's School of Computer Science, imec-DistriNet, and Graz University of Technology teamed up to study how to exploit the voltage feature in SGX in a project they dubbed "Plundervolt," which they plan to present at the IEEE Security & Privacy conference in May. They were the first to alert Intel to the vulnerability, in June 2019.

The team consists of Oswald, University of Birmingham's Kit Murdock and Flavio Garcia, imec-DistriNet's Jo Van Bulck and Frank Piessens, and Graz University's Daniel Gruss.

In August 2019, researchers from Technische Universität Darmstadt and University of California gave Intel a proof-of-concept of the vuln, and University of Maryland and Tsinghua University researchers disclosed the issue to Intel as well that month.

David Oswald, senior lecturer in Computer Security at the University of Birmingham and a member of the Plundervolt team, says the concept of "undervolting" had been known for some time, but it previously had only been executed via hardware, attaching an external power supply unit, for instance.

What's unique about Plundervolt and similar attacks is that they are mounted from software, Oswald says. "So we simply need to execute code on a target machine so it can do the undervolting" via the software interface, he says.

Even so, you need to gain administrative privileges to manipulate the voltage feature.

In a nutshell, here's how Plundervolt works: The researchers reduced the supply of voltage to the CPU in short bursts to avoid crashing the computer, which allowed them to flip a bit in some critical computations, such as AES encryption.

"You can flip a bit here and there to carry out an attack," he says. "There are tools on Github which you can use to carry out some mathematical analysis ... and then you can recover the [AES] key in minutes."

The researchers also were able to flip a bit in some computations to inject malicious code into the enclave, such as a buffer overflow exploit. 

The underlying vuln Plundervolt exploits the ability for an admin to tune the voltage.

"It looks like it was an oversight. Probably one [Intel] group developed SGX and another the power management features like undervolting," Oswald says. "You have a very complex process developed by a lot of people. And you have a very big attack surface."

The undervolting attacks come on the heels of a wave of speculative execution attack research on Intel chips, such as Spectre and Foreshadow. The latter read data from an SGX enclave's memory while Plundervolt and others alter the values in the memory.

The researchers offer video clips and details, as well as their research paper, on a Plundervolt website they established.

Oswald's team next hopes to explore other instructions it can alter in SGX and to test other hardware platforms for similar weaknesses, possibly some smartphones. They also want to investigate another way to defend against Plundervolt-style attacks rather than just shutting it off like Intel has done.

"Maybe there's a more elegant way of defending against this without simply disabling undervolting," he says. "It has a good use," such as energy savings.

Even so, most end users don't employ SGX on their machines, he notes. While it comes in many laptop processors, for example, for the most part "it's not actively used" in those environments.

Don't Panic
Oswald believes undervolting attacks obviously aren't an imminent danger, but as operating systems become more secure, attackers will migrate more to hardware hacks.

"I think the researchers now are mainly ahead of the attackers," he says. "For nation-states, [for example], it's easier to buy a classic buffer overflow or something [else] than to do hardware-based attacks."

Richard Bejtlich, principal security strategist at Corelight, says Plundervolt demonstrates how academic researchers have found a real niche in CPU hacking. While academia often gets criticized for obscure or "out-of-touch" security research, he says, this type of hardware research resonates.

"I think when they focus on this hardware-level analysis, there's a really deep computer [science]," he says. "This seems to be something they are really good at."  

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "The Next Security Silicon Valley: Coming to a City Near You?"

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Google Cloud Debuts Threat-Detection Service
Robert Lemos, Contributing Writer,  9/23/2020
Shopify's Employee Data Theft Underscores Risk of Rogue Insiders
Kelly Sheridan, Staff Editor, Dark Reading,  9/23/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-26120
PUBLISHED: 2020-09-27
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image callbacks to fire even witho...
CVE-2020-26121
PUBLISHED: 2020-09-27
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an uploa...
CVE-2020-25812
PUBLISHED: 2020-09-27
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.
CVE-2020-25813
PUBLISHED: 2020-09-27
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
CVE-2020-25814
PUBLISHED: 2020-09-27
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> ...