Researchers detected a new exploit called Plundervolt impacting Intel desktop, server, and mobile CPUs by electrical manipulation on the scale of millivolts, which needs to be applied at the right microsecond.
Academics from three universities across Europe have discovered a new attack that impacts the integrity of data stored inside Intel SGX, a highly-secured area of Intel CPUs. Attackers tinker with the actual amount of electricity being fed to the chip; by this way, they trick it into giving up its innermost secrets.
Electrical manipulation at the right microsecond
Academics say that they can alter bits inside SGX to cause errors that can be exploited at a later point after the data has left the security of the SGX enclave. In addition to this, Plundervolt can be used to recover encryption keys or introduce bugs in previously secure software.
Intel published a full list of vulnerable CPUs. The company has also released microcode (CPU firmware), and BIOS updates today that address the Plundervolt attack. GitHub will release proof-of-concept code for reproducing attacks.
It’s a primitive but also quite sophisticated attack because it is an electrical manipulation on the scale of millivolts, which needs to be applied at exactly the right microsecond.
According to researchers, Intel can mitigate this exploit with updates at the BIOS and microcode level — the kind of thing that many users will never bother to go through with. However, they also note that fortunately, for critical systems, there will be a way to verify that the exploit has been patched when establishing a trusted connection with another device.
Installing security updates is recommended
Intel downplayed the seriousness of the attack, saying:
“We are aware of publications by various academic researchers that have come up with some interesting names for this class of issues, including ‘VoltJockey’ and ‘Plundervolt,’ it wrote in a blog post acknowledging the existence of the exploit. We are not aware of any of these issues being used in the wild, but as always, we recommend installing security updates as soon as possible.”
The researchers who discovered and documented Plundervolt hail from the U.K.’s University of Birmingham, Graz University of Technology in Austria, and KU Leuven in Belgium. They are presenting their paper at IEEE S&P 2020.