Security researchers have discovered a new security flaw on Intel CPUs that “jeopardizes” Intel’s root of trust. According to security researchers at Positive Technologies, the new vulnerability affects Intel CPUs released in the past five years.
The vulnerability is apparently unfixable and impossible for antivirus software to detect. Intel has confirmed the existence of the flaw, but has downplayed the impact of the vulnerability.
The flaw is in Intel’s Converged Security and Management Engine (CSME), a subsystem found in Intel chipsets. CSME implements the firmware-based Trusted Platform Module that is used for authentication of UEFI BIOS firmware, silicon-based encryption, Microsoft BitLocker, and other security features, notes Ars Technica.
However, due to a flaw in the CSME subsystem, attackers with physical access to a computer can exploit it to execute malicious code with the highest system privileges. As a result, attackers who are able to exploit the flaw can get around DRM protections and can potentially extract the chipset encryption key, which could enable them to carry out further attacks.
There are a number of different technical components and security layers involved here, so if you are interested in the complete breakdown of how this flaw actually works, you should read the report from Positive Technologies here.
Intel has responded to the discovery and has already released patches to block one potential attack vector, stating that the flaw can only be exploited with physical access to the system. “Intel was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine in which an unauthorized user with specialized hardware and physical access may be able to execute arbitrary code within the Intel CSME subsystem on certain Intel products,” a spokesperson for the company said.
A number of vulnerabilities have been found in Intel’s chips since the Meltdown and Spectre vulnerabilities back in 2018. And although the latest flaw is a lot less significant than Meltdown/Spectre, it could still be a major threat for some. “This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” claimed the security researchers.