AMD Chips have Critical Security Flaws like Spectre and Meltdown

After Spectre and Meltdown, now researcher have found another critical security vulnerability on another Chipset Processor vendor, AMD. Researcher have discovered critical security flaws in AMD chips that could allow attackers to access sensitive data from highly guarded processors across millions of devices. This discovery is more worst because the bug resides in the secure part of the Processor, where all the sensitive data like passwords and encryption keys were stored.

A Israel based security firm CTS-Labs have notified 13 security vulnerabilities on AMD Chips including AMD's Ryzen and EPYC processors. CTS-Labs noted that the vulnerability allows attacker to access stored sensitive data as well as also install malware on them.

CTS-Labs have reported all the 13 vulnerabilities to AMD and as per the standard vulnerability disclosure ADM have 90 days of dead line to fix them up.
CTS-Labs co-founder and Chief Financial Officer Yaron Luk-Zilberman mentioned that these new vulnerabilities were divided into four category. All essentially allow an attacker to target the secure segment of a processor, which is crucial to protecting the sensitive information on your device.
  • Master Key - Masterkey is a set of three vulnerabilities allowing three distinct pathways to bypass Hardware Validated Boot on EPYC and Ryzen and achieve arbitrary code execution on
    the Secure Processor itself. The vulnerabilities allow malicious actors to install persistent malware inside the Secure Processor, running in kernel-mode with the highest possible permissions. After this malware is able to bypass Secure Boot and inject malicious code into the BIOS or operating system, as well as to disable any firmware based security features within the Secure Processor itself.
  • Ryzenfall - This vulnerability specially affects AMD's Ryzen chips and would allow malware to completely take over the secure processor. In short, successful exploitation of the Ryzenfall able to access protected data, including encryption keys and passwords. These of the part of the processor where a normal users didn't have access.
  • If the attacker somehow able to bypass security feature called Windows Defender Credential Guard, which was introduced in Windows 10 Enterprise Edition then attacker could use the stolen data to spread to other computers within a network. 

  • Fallout - Fallout vulnerability only affects devices using AMD's EPYC secure processor. Fallout also allows attackers to access protected data sections, including Credential Guard. AMD EPYC chips are used for data centers and cloud servers, connecting computers used by industries around the world. If attackers used the vulnerabilities described in Fallout, they could steal all the credentials stored and spread across the network.
  • "These network credentials are stored in a segregated virtual machine where it can't be accessed by standard hacking tools," said CTS-Labs CEO Ido Li On.  
  • Chimera - Chimera comes from two different vulnerabilities, one in firmware and one in hardware.
    The Ryzen chipset itself allows malware to run on it. Because Wi-Fi, network and Bluetooth traffic flows through the chipset, an attacker could use that to infect your device, the researchers said. In a proof-of-concept demonstration, they said, it was possible to install a keylogger, which would allow an attacker to see everything typed on an infected computer.
Video Demonstration

What You Can Do?
 Obviously, after reading this, you all looking for the fix of the bug or precautions. But I like to mention that at this stage we cannot do anything to mitigate the issue.  As AMD security team is looking into the issues and we can expect patch soon .

Just keep in touch with us for the latest updates on this. You can also subscribe our mailing list for getting updates on your inbox. You can also check this White paper for detail information over the vulnerabilities. 

Post a Comment

With ❤️ Cyber Kendra