Security researchers have discovered a new attack impacting modern Intel CPUs, which could allow an attacker to extract highly-sensitive information such as encryption keys from affected processors by altering their voltage. The attack, dubbed “Plundervolt,” centers around Intel Software Guard Extensions (SGX), a set of security-related instruction codes that are built into Intel CPUs. Intel SGX protects sensitive data such as AES encryption keys inside “enclaves,” which are physically separate from other CPU memory and are protected by software encryption.
However, researchers uncovered a way to target the safeguards used by PC operating systems (OS) to control processor voltage and frequency, tampering with then to alter the bits held inside Intel SGX and create exploitable glitches.
According to the researchers, with Plundervolt, these software interfaces can be exploited to undermine the system’s security. The researchers were able to corrupt the integrity of Intel SGX on Intel Core processors by controlling the voltage when executing enclave computations. This means that even Intel SGX’s memory encryption/ authentication technology cannot protect against Plundervolt.
Intel issued microcode and BIOs updates on Tuesday, parallel to the attack’s disclosure, for the high-severity vulnerability (CVE-2019-11157).
Intel recommends that users of affected Intel processors update to the latest BIOS version provided by the system manufacturer that addresses these issues. An SGX TCB key recovery is planned for later in Q1 2020.
The updates is available on:
Intel Security Advisory
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street