Intel has been struggling to fix security flaws in its processors, with researchers warning the current flaw is “unfixable.”
Security firm Positive Technologies has discovered that one of the most recent issues is far more severe than previously thought. The vulnerability impacts the ROM of the Converged Security and Management Engine (CSME). The CSME is a subsystem chipset that is part of Intel’s Active Management Technology (AMT), and allows remote out-of-band management, useful for business and enterprise, but largely unnecessary for the consumer market.
According to Positive Technologies, the latest discovery has chilling ramifications:
“By exploiting vulnerability CVE-2019-0090, a local attacker could extract the chipset key stored on the PCH microchip and obtain access to data encrypted with the key,” reads the report. “Worse still, it is impossible to detect such a key breach. With the chipset key, attackers can decrypt data stored on a target computer and even forge its Enhanced Privacy ID (EPID) attestation, or in other words, pass off an attacker computer as the victim’s computer. EPID is used in DRM, financial transactions, and attestation of IoT devices.”
While Intel is recommending impacted users contact their motherboard manufacturer for a BIOS update, Positive Technologies is warning that will not fix the underlying issue.
“Since it is impossible to fully fix the vulnerability by modifying the chipset ROM, Positive Technologies experts recommend disabling Intel CSME based encryption of data storage devices or considering migration to tenth-generation or later Intel CPUs. In this context, retrospective detection of infrastructure compromise with the help of traffic analysis systems such as PT Network Attack Discovery becomes just as important.”
This is just the latest in a number of serious issues Intel has had with its recent chipsets, and could make offerings from AMD and ARM an increasingly appealing alternative.