A research team specializing in cybersecurity has unveiled a new method for exploiting the Intel Software Guard Extensions (SGX), a crucial feature designed to secure sensitive data within modern Intel processors. Named Plundervolt and categorized as CVE-2019-11157, this attack leverages the ability to manipulate frequency and voltage settings of processors. By executing this manipulation, adversaries can induce memory errors, specifically bit flips, effectively compromising data integrity.
The phenomenon of bit flipping is not new; it is most notably associated with the Rowhammer attack, where attackers exploit the electrical properties of memory cells to alter their states. In the case of Plundervolt, the researchers articulate that while SGX enclave memory is encrypted, attackers can inject faults into the CPU’s processing before data is committed to memory. This presents a vulnerability allowing attackers to tamper with the data integrity of the SGX, thereby circumventing its inherent security mechanisms.
Unlike previous speculative execution attacks such as Foreshadow and Spectre, which aimed to breach the confidentiality of SGX data, Plundervolt targets the integrity of the enclave itself. The attack functions in a manner akin to another known technique, CLKSCREW, which exploits CPU energy management to bypass hardware security features.
In illustrative videos, the researchers have demonstrated how altering the voltage supplied to a specific processor can generate computational errors in the encryption algorithms utilized by SGX enclaves. This manipulation can allow attackers to decrypt sensitive SGX data effectively, with minimal computational effort. Specifically, the team was able to inject faults into SGX’s RSA-CRT and AES-NI implementations, effectively reconstructing full cryptographic keys.
According to the research findings, the Plundervolt attack can recover a full 128-bit AES key with an average computational cost of only approximately 2^32 + 2^56 encryptions. Under practical conditions the attack completed in just a few minutes, confirming its feasibility and the pressing need for security measures.
Currently, all SGX-enabled Intel Core processors, beginning with the Skylake generation, are affected by this vulnerability. The research team, made up of six European researchers from institutions including the University of Birmingham, reported their findings to Intel in June 2019. In response, Intel has released microcode and BIOS updates aimed at mitigating Plundervolt by locking the voltage to its default settings.
Intel’s advisory notes that while there have been no known exploits of this vulnerability in real-world scenarios, the company emphasizes the importance of timely updates to safeguard systems. The affected processors include a range of Intel Core and Xeon models. For further details, stakeholders are encouraged to consult Intel’s security advisory.
The researchers have also made a proof-of-concept available on GitHub and launched a dedicated website containing FAQs and a detailed technical paper that explores the Plundervolt attack in depth. Business owners should note that, with vulnerabilities like Plundervolt potentially compromising their systems, adopting robust security measures aligned with frameworks such as MITRE ATT&CK would be prudent. Techniques that may apply to this incident include initial access, privilege escalation, and impact on data integrity, highlighting the multifaceted nature of cybersecurity threats.
This incident underlines the evolving landscape of cybersecurity risks, where even perceived secure hardware can become a target for sophisticated attacks, making vigilance and immediate implementation of security patches essential for business operations.