Security analysts discovered a huge hole in Intel’s read-only memory and said afterwards that nobody can fix it. It leaves all of Intel’s devices exposed, except Intel’s latest 10th generation devices. The security company Positive Technologies discovered the error in Intel’s boot read-only memory (ROM). As a result, every system with the hole is susceptible to hacks.
Mark Ermolov, Positive Technologies’ lead specialist of OS and hardware security, said in a blog post that they discovered the vulnerability in the ROM of the Intel Converged Security and Management Engine (CSME). This “jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” according to him. The least of it is that it’s impossible to fix firmware errors, as they are hard-coded in the Mask ROM of microprocessors and chipsets. But “the larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole,” he added.
When the security company contacted Intel, the chip giant said it was aware of the hole.
The CSME is responsible for the first authentication. It also loads and verifies the firmware of Intel-based devices, so the hole exposes systems during the boot process. According to Positive Technologies, this means that “hardware IDs will be forged, digital content will be extracted and data from encrypted hard disks will be decrypted.”
An almost useless update
Although Intel updated a patch last month, Positive Technologies’ experts consider that it cannot fully close the hole. They believe there might be many ways to exploit this vulnerability. Some “might require local access,” such as through malware. Others might need “physical access” to the target computer.
Intel acknowledged that it was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine. According to the company, “an unauthorized user with specialized hardware and physical access may be able to execute arbitrary code within the Intel CSME subsystem on certain Intel products,” Leigh Rosenwald, Intel spokesperson, said in a statement.
As a result, the company recommends keeping systems up to date. But the hole in Intel’s read-only memory could give them a hard time.