Latest plunder volt attacks manipulates CPU voltage to hijack Intel SGX

Cyber security researchers discover an unique way tohijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts sensitive data to protect it from harsh hacking attacks.

Cyber security researchers discover a unique way tohijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts sensitive data to protect it from harsh hacking attacks.

It is called Plunder volt and tracked as CVE-2019-11157. It banks upon the technical attribute that modern processors allowenabling frequency and voltage to be changed as needed which the researchers say can be monitored in a limiting fashion to induce errors in the memory by flipping bits.

Bit flip is a technical phenomenon popularly reputed for the Rowhammer attack where attackers hijack vulnerable memory cells by altering their value from 1 to a 0, or vice versa—all by manipulating the electrical charge of neighboring memory cells. However, since the Software Guard Extensions (SGX) enclave memory is encrypted, the Plundervolt attack leverages the same idea of flipping bits by in fusing faults in the CPU before they are written to the memory.

To achieve its target, Plundervolt resorts to a lesser known technique named CLKSCREW, a previously documented attack vector that exploits energy management of CPU to breach hardware security mechanisms and influence a targeted system. The modus operandi is by quietlyincreasing or decreasing the voltage delivered to a targeted CPU, with the help of which an attacker can trigger computational faults in the encryption algorithms used by SGX enclaves thus enabling attackers to easily decrypt SGX data.

Plundervolt attack, which corrupts all SGX-enabled Intel Core processors starting with the Skylake generation, was found out and intimated to Intel in June 2019 by a team of six European researchers from the University of Birmingham, Graz University of Technology, and KU Leuven.They have releaseda proof-of-concept (PoC) on GitHub, a dedicated website with FAQs and detailed technical paper [PDF] titled, Plundervolt: Software-based Fault Injection Attacks against Intel SGX.

As against the research findings Intel released microcode and BIOS updates to combat Plundervolt by locking voltage to the default settings, along with 13 other high and medium severity vulnerabilities.

• Intel 6th, 7th, 8th, 9th & 10th Generation Core Processors
• Intel Xeon Processor E3 v5 & v6
• Intel Xeon Processor E-2100 & E-2200 Families

In a world infested with cyber threats it is essential to entrust your system to experienced ethical hackers who employ the same techniques of malicious hackers to combat the evils effects of hacking.

ISOEH has been the most trusted skill development institute for ethical hackers. Click here to know more about ISOEH.

Tweet

Share