Intel's SGX cloud-server security defeated by $30 chip, electrical shenanigans (Security News, November 2020)
Plundervolt (CVE-2019-11157) was a software-only attack on recent Intel processors: privileged software on the host lowers the core voltage through the CPU's own voltage-control interface until code running inside an SGX enclave computes wrong results, and those faults can be turned into recovery of secrets such as encryption keys. Intel's fix for it locks that interface with microcode and BIOS updates. The new work from the same University of Birmingham group reaches the same faults from outside the CPU, with an inexpensive microcontroller wired to the board's voltage regulator, so the software fix does not apply.
Half the point of SGX is to protect sensitive code and data from rogue server administrators when said servers are out of reach and in someone else's data center - such as a cloud provider's - and yet it is possible for someone at a cloud provider with physical access to a box to jolt an Intel processor into breaking its SGX protections.
"This attack is quite relevant because it is often claimed that SGX can defend against malicious insiders/cloud providers," said David Oswald, a lecturer in the security and privacy group at the University of Birmingham, and one of the paper's co-authors, in an email to The Register.
Oswald pointed to what Intel says about Microsoft Azure DCsv2-series virtual machines running on Intel Xeon E processors with SGX: "Even cloud administrators and datacenter operators with physical access to the servers cannot access the Intel SGX-protected data."
The researchers disclosed the attack to Intel in March 2020 and were told that "Opening the case and tampering of internal hardware to compromise SGX is out of scope for SGX threat model. Patches for CVE-2019-11157 were not designed to protect against hardware-based attacks as per the threat model." So there goes that whole promise for Microsoft Azure, then. The practical consequence for tenants: SGX remote attestation reports the platform's microcode and firmware TCB, not whether someone has wired into the host's voltage regulator, so an enclave owner gets no signal that this kind of tampering has happened.
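To make concrete why one corrupted arithmetic result inside an enclave is enough to give up a key, here is an added example (written for this page; it is not code from the article, the researchers, or Intel). It models the classic Bellcore fault attack on RSA-CRT: the signer computes the signature separately mod p and mod q and recombines them, and if one half is corrupted the output is correct mod q but wrong mod p, so the gcd of s_faulty^e - m with N is exactly q. The attacker needs only the message and the single faulty signature. The key sizes are toy-sized and constructed here, and the glitch is simulated as a bit flip in the mod-p intermediate; both are assumptions standing in for whatever an undervolting fault actually breaks. The block also shows the standard countermeasure of verifying a signature before it leaves the enclave.

```python
"""Added example: Bellcore fault attack on RSA-CRT, and the verify-before-release
countermeasure.  Toy parameters are constructed below; nothing comes from real
hardware or from the attack described in the article."""
import math

# Constructed toy parameters: two small primes, far too small for real use.
P = 1000003
Q = 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)      # CRT exponents
QINV = pow(Q, -1, P)                   # q^-1 mod p, for Garner recombination


def rsa_crt_sign(m, fault=None):
    """RSA-CRT signature of m.

    fault: None for a correct signature, or a callable applied to the mod-p
    intermediate to simulate a glitch that corrupts only that branch.
    """
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault is not None:
        sp = fault(sp)                 # simulated fault in the p-branch only
    h = (QINV * (sp - sq)) % P
    return sq + h * Q                  # s == sp (mod p) and s == sq (mod q)


def bit_flip(x):
    """Constructed fault model: flip the lowest bit of an intermediate value."""
    return x ^ 1


def recover_factor(m, s_faulty):
    """Bellcore attack: a faulty signature on a known message factors N.

    s_faulty^e == m (mod q) still holds because that branch was computed
    correctly, but it fails mod p, so the gcd isolates q.  Returns None when
    the signature was in fact correct (the gcd degenerates to N).
    """
    g = math.gcd(pow(s_faulty, E, N) - m, N)
    return g if 1 < g < N else None


def safe_sign(m, fault=None):
    """Countermeasure: verify the result before releasing it.

    One extra public-key operation turns a key-leaking output into an error
    the enclave can refuse to emit.
    """
    s = rsa_crt_sign(m, fault)
    if pow(s, E, N) != m % N:
        raise RuntimeError("signature self-check failed: fault suspected")
    return s


if __name__ == "__main__":
    msg = 123456789                    # constructed message, coprime to N
    good = rsa_crt_sign(msg)
    bad = rsa_crt_sign(msg, fault=bit_flip)
    print("correct signature verifies:", pow(good, E, N) == msg)
    print("factor recovered from one faulty signature:", recover_factor(msg, bad))
    print("recovered factor is q:", recover_factor(msg, bad) == Q)
    try:
        safe_sign(msg, fault=bit_flip)
    except RuntimeError as err:
        print("countermeasure caught it:", err)
```

The same gcd step works on any key size; only the toy primes above are small. Note that the countermeasure only helps when the check itself is not the thing being glitched, which is one reason fault-tolerant enclave code usually duplicates or cross-checks the verification as well.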
News URL
https://go.theregister.com/feed/www.theregister.com/2020/11/14/intel_sgx_physical_security/
Related vulnerability

| Date | CVE | Vulnerability title | Risk |
|---|---|---|---|
| 2019-12-16 | CVE-2019-11157 | Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. | 6.7 |