It seems that the way that Intel has made their ‘Boot Rom’ has the potential for an unfixable security breach in millions of Intel CPUs in the future.
The problem comes within a few milliseconds of switching on an Intel system, and it all comes down to the ‘Management Engine’, also known as CSME.
This is a mini computer within an Intel CPU, comprising a 486 processor (latest version found in newer chips), RAM, its own code in boot ROM and full access to the rest of the machine. It’s basically a tiny computer that does background stuff for the whole system.
It works beneath the Operating System, so the Operating System doesn’t even see it or acknowledge it. This small computer does ultra low level stuff such as:
- Bringing up the Computer.
- Controlling power levels.
- Starting the main computer chips, CPU, chipset and any cores within them.
- Booting and Verifying the Motherboard firmware.
- Running any DRM, Cryptographic functions.
The Exploit:
The exploit is based on one ‘Master Key’ that is hardcoded into each Intel CPU, hence the unfixable status, as it would require new silicon to close this exploit.
One of the first things the small computer has to do when starting up the machine is set up memory protections in its built-in RAM, so there is a tiny window of being vulnerable to attack. This is because the CSME has to install these protections in the form of IOMMU (In/Out Memory Module Unit).
During this time, though, any hardware physically attached and/or present on the motherboard can fire a DMA transfer into the CSME’s private RAM if it wants to, which brings about the issue of the exploit.
Since there is only a hardcoded ‘master key’ to open up the CSME, someone could figure out this ‘master key’ over time by sniping that tiny window where the CPU is preparing its security. Those willing to do that can do so on CPUs that they own and chipsets on their own motherboards.
Once again the IOMMU is read only and cannot be patched. So once this is worked out and cracked, the system is pretty much non-secure. The CSME even allows incoming traffic through the various input/output connectors such as USB, WiFi, Ethernet, so potentially anyone with said ‘master key’ can gain control of a system/server.
What damage could be done:
Pretty much anything.
Decrypting files, deleting/modifying files, uploading/downloading file content, modifying/deleting UEFI and so on. All without knowledge of the owner of said machine as once again the CSME is ultra low level stuff and the OS and Kernel can’t see it or control it.
The weakness was found and reported to Intel by Positive Technologies, who have prodded and poked the CSME for a while now since Meltdown was detected.
Intel attempted to patch this with CVE-2019-0090 but Positive reckon there are other ways in.
For now, systems are secure but the vulnerability is still there. This is a case of when hackers will be able to get through to find the ‘master key’, which is a single key used across a current chipset: 3rd Gen, 4th Gen, 5th Gen up to 9th Gen. (How they thought one unchangeable ‘master key’ was a good idea I don’t know.)
For full control of EPID they would need to:
- Extract hardware key during period it is stored in unprotected memory.
- The Hardware Key is used to decrypt the Chipset Key aka the CPU.
- The Hardware Key is hardcoded and cannot be patched or changed.
- The Chipset Key resides in Secure Key Storage (SKS).
Extracting the Hardware key is only a matter of time, due to this being unpatchable.
Should you worry:
No, not really. It is a concern and something to be looked at if this affects other longer term hardware such as Xeons, which are used in servers. It is also unknown if Intel will have an actual fix in later CPUs such as 10th Gen, but it would require a new way of securing such parts of the CPU that cannot be accessed in such ways.
Intel has said: install the latest security patches and make sure your hardware is maintained physically by the owners. Which is good advice, but considering no one needs access to your machine to do this and can figure it out with another 9th Gen Intel system.
For now it’s safe. The keys haven’t been hacked yet and we don’t even know if someone is working on trying to extract said key. But it is something to keep an eye on for developments, and of course to see how newer CPUs that come out from Intel have worked progressively to close this security hole up in future.
But that takes a new design of their silicon and a complete redesign of their CSME.
Would post a link to news story on this but not enough points so, go find it on theregister co uk site.