Casa > cibernético Notícias > CVE-2018-3655 Vulnerability Enables Disclosure of Intel ME Encryption Keys
CYBER NEWS

CVE-2018-3655 Vulnerabilidade Permite Divulgação de Intel ME chaves de criptografia

Outro dia, outra vulnerabilidade. Intel acaba de lançar atualizações de firmware para uma vulnerabilidade (CVE-2018-3655) na Intel Converged segurança e gerenciamento do motor (CSME). A falha de segurança permite que ameaça atores para recuperar, modificar, or delete data stored on Intel’s CPU chip-on-chip system.




CSME, also known as Management Engine BIOS Extension, contains a list of components such as the Intel Management Engine (MIM) used with mainstream Intel chipsets, the Server Platform Services (SPS) used for servers, and the Trusted Execution Engine (TXE) used as a remote management engine for tablets and embedded devices.

além disso, Intel ME, SPS, and TXE are designed to work as a separate computer on top of the main Intel CPU. These components have their own stripped-down OS, memória, network interface, and storage system.

Positive Technologies experts Mark Ermolov and Maxim Goryachy who discovered the vulnerabilities explicado specifically for Intel ME that:

Intel ME (abreviatura de “Mecanismo de Gerenciamento”) stores data with the help of MFS (which likely stands forME File System”). MFS security mechanisms make heavy use of cryptographic keys. Keys differ in purpose (confidentiality vs. integrity) and degree of data sensitivity (Intel vs. non-Intel).

It should be noted that the most sensitive data is protected by Intel Keys, with Non-Intel Keys used for everything else. Em resumo, four keys are used: Intel Integrity Key, Non-Intel Integrity Key, Intel Confidentiality Key, and Non-Intel Confidentiality Key.

De fato, the very same researchers gained access to these keys access in 2017. Naquela época, they used a security flaw in JTAG, a debugging interface, to recover the four encryption keys deployed by Intel ME, SPS, and TXE.

In the current scenario, the researchers relied on the same attack mechanism with the only difference that they leveraged the vulnerability to uncover the two Non-Intel keys. With this new attack, they obtained access to the immutable non-Intel root secret as well as the Intel Security Version Number (SVN).

Intel has already issued a patch with the ME, SPS, and TXE firmware updates to address this vulnerability. The vulnerability itself is known as CVE-2018-3655. It is described as an escalation of privilegeand information disclosure vulnerability with high severity rating and impact.

Here is the official description of CVE-2018-3655:

A vulnerability in a subsystem in Intel® CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...