Skip to main content

Many Intel chipsets left at risk by security flaw

(Image credit: Future)

Security researchers at Positive Technologies have discovered a vulnerability in Intel's Converged Security and Management Engine (CSME).

The flaw can allow hackers to decrypt all of the information stored on a target computer, or even pass off their own computer as the victim's device.

The issue is said to be impossible to detect and it seems the flaw can never be fully eliminated. The only sure-fire fix is to either disable Intel CSME-based encryption of data storage devices, or move to a tenth-generation Intel CPU or later.

The vulnerability (also know as CVE-2019-0090) can allow attackers to extract the chipset key stored on the PCH microchip and obtain access to data encrypted with the key.

Common data protection technologies, which rely on hardware keys for encryption (think DRM, firmware TPM or Intel Identity Protection) could all be compromised thanks to the vulnerability, researchers have said.

Intel recommends users of Intel CSME, Intel SPS, Intel TXE, Intel DAL, and Intel AMT contact their device or motherboard manufacturer and update either their microchips or BIOS.

"The vulnerability resembles an error recently identified in the BootROM of Apple mobile platforms, but affects only Intel systems. Both vulnerabilities allow extracting users' encrypted data,” explained Mark Ermolov, Lead Specialist of OS and Hardware Security at Positive Technologies.

“Here, attackers can obtain the key in many different ways. For example, they can extract it from a lost or stolen laptop to decrypt confidential data."

"In some cases, attackers can intercept the key remotely, provided they have gained local access to a target PC as part of a multistage attack, or if the manufacturer allows remote firmware updates of internal devices, such as Intel Integrated Sensor Hub," he added.