Security News > 2020 > April > Starbleed: Flaw in FPGA Chips Exposes Safety-Critical Devices to Attacks

Starbleed: Flaw in FPGA Chips Exposes Safety-Critical Devices to Attacks
2020-04-20 19:27

A potentially serious vulnerability discovered by researchers in Field Programmable Gate Array chips can expose many mission- and safety-critical devices to attacks.

A team of researchers from Germany's Horst Görtz Institute for IT Security at Ruhr-Universität Bochum and the Max Planck Institute for Security and Privacy discovered that FPGA chips are affected by a critical vulnerability - they have named it Starbleed - that can be exploited to take complete control of the chips.

In order to exploit the weakness, an attacker would need to have access to the targeted device's JTAG or SelectMAP interfaces, but the researchers warned that remote attacks may also be possible.

The attack results in full decryption against 7-series Xilinx devices and partial decryption against Virtex-6 devices.

Xilinx noted in its advisory that "The complexity of this attack is similar to well known, and proven, DPA attacks against these devices and therefore do not weaken their security posture."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/gQDPKngfSTk/starbleed-flaw-fpga-chips-exposes-safety-critical-devices-attacks