A vulnerability was found in most of the Intel chipsets released in the last five years that could allow an attacker to extract the chipset key stored on the PCH microchip and obtain access to data encrypted with the key.
The issue, CVE-2019-0090, was found by Positive Technologies and resides in the Intel Converged Security and Management Engine. Positive Technologies has informed Intel of the problem.
The company said any breach utilizing the vulnerability would be impossible to spot and once an attacker used it to gain entry he could decrypt data stored on the target computer or even forge its Enhanced Privacy ID attestation, which is used in digital rights management, financial transactions and when working with IoT devices. Additionally, this would enable attackers to pass off their computer as the victim’s.
“Attackers can exploit the vulnerability on their own computers to bypass content DRM and make illegal copies. In ROM, this vulnerability also allows for arbitrary code execution at the zero level of privilege of Intel CSME. No firmware updates can fix the vulnerability,” Positive Technologies reported.
Instead, Intel recommends those using Intel CSME, SPS, TXE, DAL and AMT contact their device or motherboard manufacturer for microchip or BIOS updates to address the vulnerability. However, even these measures will not fully fix the problem.
“Positive Technologies experts recommend disabling Intel CSME based encryption of data storage devices or considering migration to tenth-generation or later Intel CPUs,” the company said.
