Another Intel Speculative Execution Vulnerability

2020-06-11 11:40

There will be vulnerabilities that will allow attackers to manipulate or delete data across processes, potentially fatal in the computers controlling our cars or implanted medical devices.

The new SGX attacks are known as SGAxe and CrossTalk.

Both break into the fortified CPU region using separate side-channel attacks, a class of hack that infers sensitive data by measuring timing differences, power consumption, electromagnetic radiation, sound, or other information from the systems that store it.

The assumptions for both attacks are roughly the same.

An attacker has already broken the security of the target machine through a software exploit or a malicious virtual machine that compromises the integrity of the system.

News URL

https://www.schneier.com/blog/archives/2020/06/another_intel_s.html

#intel #vulnerability

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Intel		6830	274	757	406	28	1465