Some potential: How bad software updates could over-volt, brick remote servers
Presenting at Black Hat Asia 2023, an infosec researcher detailed how remote updates can be exploited to modify voltage on a Supermicro motherboard and remotely brick machines.
Voltpillager was not a remote attack: it required physical proximity, such as a rogue employee, so its threat scope was limited.
Plundervolt, while possibly remote, required privileged access to the operating system and BIOS. Intel issued firmware updates to prevent Plundervolt, but stated that techniques that require an attacker to physically open a case, such as Voltpillager, were not considered vulnerabilities.
The new attack allows the same data extraction as its predecessor attacks, but through the BMC flash memory chip.
The two researchers, Zitai Chen and David Oswald, said in a January academic publication that "Undervolting through the PMBus allows breaking the integrity guarantees of SGX enclaves, bypassing Intel's countermeasures against previous undervolting attacks like Plundervolt."
News URL
https://go.theregister.com/feed/www.theregister.com/2023/05/15/pmfault_attack/