Vulnerability in Intel CPUs can be exploited by SGAxe and CrossTalk attacks

A recent research has revealed a certain vulnerability in Intel CPUs that can be exploited by hackers.

The vulnerability can cause breach of sensitive data present in CPU’s trusted execution environment (TEE). SGAxe attack (CVE-2020-0549) is used by the attackers to retrieve the contents from the CPU’s L1 cache. The second attack is the CrossTalk attack that allows the attackers to remotely execute codes in CPU core of the system.

A TEE, like Intel’s Software Guard Extensions (SGX), refers to a secure enclave, an area within a processor that ensures confidentiality and integrity of code and data. It offers safeguards against the modification of sensitive software and data by malicious actors that may have broken into the target machine.

The SGAxe attack, as a result, results in a transient execution attack that can recover SGX cryptographic keys from a fully updated Intel machine, which is trusted by Intel’s attestation server. The SGAxe attack simply takes the security aspect away from the Intel CPUs.

Intel has released patches for the vulnerabilities and will also perform trusted computer base recovery to ensure the security by invalidating all previously signed attestation keys. The CrossTalk performs transient execution in different cores of the CPU and works by reading the staging buffer during transient execution in order to leak sensitive data accessed by previously executed victim instructions.

Intel has addressed the issue in a micro code circulated and have asked all the victims to update the firmware to its latest version so that the vulnerabilities can be patched properly.

Use NPAV and join us on a mission to secure the cyber world.

 

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *

*