Intel’s back in the spotlight again! Not for a good reason. Researchers uncovered another exploit for the Intel chips called “PlunderVolt.” It seems Intel’s security team isn’t getting a break after more. Intel’s chips have been garnering some attention on the internet for their security exploits. Like PlunderVolt, there are several other exploits like Zombieload, Spectre, meltdown, and more.
PlunderVolt exploit the unlocked processor and Intel’s SGX
The Plundervolt exploit allows an attacker to gain access to the victim’s information by undervolting the CPU and breaking the Intel’s Software Guard Extension (SGX) algorithm. Intel‘s SGX is a set of security-related instruction codes built into the modern Intel CPUs. In simple words, the Intel SGX protects the sensitive information in the enclaves. Attackers attack these enclaves to gain access to the user sensitive information and security keys. The exploit was first reported on June 7th 2019, by several University and research groups
How does PlunderVolt work?
The PlunderVolt exploit depends on your CPU. The PlunderVolt attack requires an infected application on the computer with root privileges with the system and the SGX enclaves. The privileges give the attacker access to the enclaves and motherboard. After gaining root access, the attackers undervolts the CPU executing commands and codes inside the enclaves. The executed commands then try to modify the algorithm of the enclaves from the inside. While modifying the algorithm, the SGX spits out an error. The error comes with the security and decryption AES keys/information. This vulnerability is similar to Voltjockey and CLKScrew (They are based for the ARM based chips). The attackers can’t use this execute the exploit from the web or making a virtual desktop machine in the victim’s device.
Precaution and Patching the loophole:
The attackers can attack overclockable CPU systems and the SGX enabled systems. Intel advised users to lock their overclocking multiplier (the clock speed) or to disable SGX from the BIOS settings in the motherboard. Intel has already released the patch fixing the PlonderVolt exploit. The SGX exploit got patched, but still, it doesn’t insue the problem getting totally fixed. This patch is kinda of a messy situation as you can overclock your CPU unless you disable SGX. Even after disabling SGX, Intel will still lock your CPU clock speed to avoid getting attacked.
Ah! Intel. After losing most of their market shares to AMD, Intel faced another problem with its security side. Intel also lost its CPU dominance and failed to launch their 10nm Desktop CPU. Intel stated releasing the 7nm processors but still will need more time for manufacturing. Let’s hope the new Intel processors won’t face such problems, or Intel should implement making security-focused CPU like the AMD Ryzen Pro series.