Researchers have found a nasty bug in an essential component at the base of the entire cryptographic chain of trust in Intel systems. The vulnerability could allow everything on a machine to be decrypted or modified. The flaw concerns all recent Intel chips.
Bad news for Intel chip users. Security researchers at Positive Technologies have discovered a flaw in the Boot ROM of the Converged Security and Management Engine (CSME). This hardware memory component is the basis of the entire cryptographic chain of trust for Intel computers. Executed at the very start of startup, this software, which being burned into ROM cannot be patched, generates the Trusted Platform Module (TPM), a special memory area that allows encryption keys to be stored securely.
The CSME is also the cryptographic guarantor of the UEFI firmware (the successor to the BIOS) and of the Power Management Controller. In addition, it implements the functions called “Enhanced Privacy ID”, which allow the authentication of other protection systems on the computer, for example those dedicated to securing copyright-protected content (DRM) or to financial transactions.
Intel chips: A flaw that cannot be corrected
This flaw concerns all recent Intel chips, with the exception of the latest generation. It allows the execution of the CSME to be modified and potentially affects the security of all the technologies that depend on it. In particular, it would allow access to a hardware encryption key used to encrypt the Chipset Key, the master key from which all the other encryption keys are generated. “However, this [hardware] key is not specific to the platform. A single key is used for a whole generation of Intel chipsets (…). We believe that extracting this key is only a matter of time. When this happens, total chaos will reign. Hardware identifiers will be falsified, protected digital content will be extracted and encrypted data from hard drives will be decrypted,” said Positive Technologies in a blog note.
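To make the reasoning about a generation-wide root key concrete, here is an added toy model. It is not code from the article and not Intel's actual key hierarchy: the function names, derivation labels, the per-device "fuse secret" and the derivation steps are assumptions chosen for the illustration. It derives a chipset key and a drive-encryption key from a root key in two ways, and counts how many devices an attacker who holds only the generation-wide hardware key plus public platform identifiers can reproduce keys for.

```python
import hashlib
import hmac
import secrets

# Constructed, illustrative model of a boot-time key hierarchy. Not Intel's
# CSME design: names, labels and sizes are assumptions for the demonstration.


def derive(parent: bytes, label: bytes) -> bytes:
    """One derivation step: child = HMAC-SHA256(parent, label)."""
    return hmac.new(parent, label, hashlib.sha256).digest()


def chipset_key_shared_root(hardware_key: bytes, platform_id: bytes) -> bytes:
    """Shared-root model: one hardware key serves a whole chip generation and the
    only per-device input is a public platform identifier."""
    return derive(hardware_key, b"chipset-key|" + platform_id)


def chipset_key_per_device(hardware_key: bytes, platform_id: bytes,
                           fuse_secret: bytes) -> bytes:
    """Per-device model (assumption): a secret unique to each chip is mixed into
    the root before the chipset key is derived."""
    device_root = derive(hardware_key, b"fuse|" + fuse_secret)
    return derive(device_root, b"chipset-key|" + platform_id)


def drive_key(chipset_key: bytes) -> bytes:
    """A leaf key derived from the chipset key, here standing in for disk encryption."""
    return derive(chipset_key, b"drive-encryption")


def build_fleet(n: int) -> list:
    """Constructed sample fleet: public platform ids and per-chip secrets."""
    return [{"platform_id": b"platform-%04d" % i,
             "fuse_secret": secrets.token_bytes(32)} for i in range(n)]


def fleet_exposure(hardware_key: bytes, fleet: list, fused: bool) -> int:
    """Number of devices whose drive key an attacker can reproduce knowing ONLY the
    generation-wide hardware key and each device's public platform id."""
    exposed = 0
    for dev in fleet:
        # What the device itself derives at boot.
        if fused:
            real = drive_key(chipset_key_per_device(
                hardware_key, dev["platform_id"], dev["fuse_secret"]))
        else:
            real = drive_key(chipset_key_shared_root(
                hardware_key, dev["platform_id"]))
        # The attacker never sees the fuse secret, so this is the best guess.
        guess = drive_key(chipset_key_shared_root(hardware_key, dev["platform_id"]))
        if hmac.compare_digest(real, guess):
            exposed += 1
    return exposed


if __name__ == "__main__":
    leaked_hardware_key = b"\x11" * 32  # constructed stand-in for the extracted key
    fleet = build_fleet(5)
    print("shared root, devices exposed:", fleet_exposure(leaked_hardware_key, fleet, fused=False))
    print("per-device root, devices exposed:", fleet_exposure(leaked_hardware_key, fleet, fused=True))
```

In the shared-root model every device's leaf key falls with the single hardware key, which is the scenario the researchers describe; mixing a per-chip secret into the root confines the damage of a leaked generation-wide key to devices whose own secret is also extracted.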
As this flaw is at the hardware level, the only way to permanently remove the risk would be to change the hardware. Contacted by Positive Technologies, Intel nevertheless sought to play down the situation. The American giant was already aware of this flaw, which is tracked as CVE-2019-0090, and believes that it can only be exploited through “physical access and special equipment”. A patch had also been released in 2019 to prevent potential attacks.
But Positive Technologies thinks that the Intel patch covers only one attack vector and that there are many others. In addition, exploitation would not necessarily require physical access but could be carried out through “local access”. Positive Technologies plans to publish a white paper soon that should provide more technical details on the subject.