Researchers at several European universities have discovered a weakness in Intel processors that could open them to attack. The attack, named Plundervolt, manipulates only one thing: the voltage supplied to the processor core.
Voltage powers the processor and is tied to its performance: running at a higher clock frequency requires a higher voltage, and running at a lower voltage than the current frequency needs makes the chip compute incorrectly. Plundervolt targets the software interface that overclocking and undervolting tools use to adjust that voltage. Overclocking is the term for running a processor at higher clock speeds than the manufacturer intended.
When a device is sold, its processor ships with a rated maximum clock speed. Overclocking overrides that limit, so the processor executes more operations per second than it did before. It is usually done by gamers and enthusiasts probing the chip's limits, or by users who need the extra throughput. The same interface can also be used to lower the voltage (undervolting), typically to reduce heat and power consumption.
Plundervolt abuses this interface to lower the voltage fed to the processor core while the chip keeps running at its normal frequency. The researchers found that once the voltage dips below what that frequency requires, individual instructions start returning wrong results, and that this directly undermines Intel's Software Guard Extensions.
Intel's Software Guard Extensions, or SGX for short, is a set of processor features for protecting sensitive code and data. SGX lets an application mark certain regions of memory as private 'enclaves': their contents are encrypted whenever they leave the processor, and the CPU ensures that no other software on the device, not even the operating system or hypervisor, can read or modify what is inside.
SGX is switched on or off at the BIOS level, but the voltage interface Plundervolt uses is reached from privileged software at runtime. By lowering the voltage while an enclave is executing, Plundervolt injects computational faults into code that SGX is supposed to protect. The faults do not break the encryption of enclave memory; instead they corrupt results computed inside the enclave, which the researchers used to recover secret keys (from AES and RSA operations, for example) that would otherwise never leave it.
The lowered voltage causes bit flips in the values the CPU computes, changing individual binary digits of intermediate results. Beyond leaking keys, the researchers also showed that a flipped bit can turn otherwise correct enclave code into code with memory-safety bugs, such as out-of-bounds accesses, which an attacker with the same privileges can then exploit.
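To make the 'one flipped bit leaks a key' point concrete, here is an added example (not code from this article or from the Plundervolt researchers) of the classic Bellcore fault attack on RSA-CRT, the same principle the researchers applied to RSA computations inside an enclave. It uses a constructed toy key with small primes and simulates the hardware fault by XORing a mask into one half of the CRT computation; all function and variable names are this example's own, and the final function shows the standard countermeasure of verifying a signature before releasing it.

```python
from math import gcd

# Constructed toy RSA key: two small primes so the arithmetic stays readable.
# Real keys use 2048-bit moduli; the attack works identically there.
P, Q, E = 1000003, 999983, 65537


def make_key(p=P, q=Q, e=E):
    """Return (n, e, dp, dq, qinv): the CRT form of an RSA private key."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    dp, dq = d % (p - 1), d % (q - 1)
    qinv = pow(q, -1, p)  # q^-1 mod p, used by Garner's recombination
    return n, e, dp, dq, qinv


def sign_crt(m, p, q, dp, dq, qinv, fault_mask=0):
    """RSA-CRT signature s = m^d mod n.

    fault_mask stands in for a Plundervolt-style glitch (an assumption of
    this example, not a real fault model): XORing it into the mod-p half
    flips bits in one intermediate value, the kind of single-instruction
    corruption undervolting produces. A mask of 0 means no fault.
    """
    sp = pow(m, dp, p) ^ fault_mask  # possibly faulted half
    sq = pow(m, dq, q)               # correct half
    h = (qinv * (sp - sq)) % p       # Garner recombination
    return sq + q * h


def recover_factor(s_faulty, m, n, e):
    """Bellcore attack: a signature that is still correct mod q but wrong
    mod p satisfies s^e == m (mod q) only, so a gcd reveals q."""
    return gcd((pow(s_faulty, e, n) - m) % n, n)


def sign_checked(m, n, e, p, q, dp, dq, qinv, fault_mask=0):
    """Defensive variant: verify before releasing the signature and return
    None instead of a faulty value, which is what stops the key leak."""
    s = sign_crt(m, p, q, dp, dq, qinv, fault_mask)
    return s if pow(s, e, n) == m else None


def run_demo(m=123456789, fault_mask=1 << 5):
    """Return (good_signature_verifies, leaked_factor, checked_result_under_fault)."""
    n, e, dp, dq, qinv = make_key()
    good = sign_crt(m, P, Q, dp, dq, qinv)
    bad = sign_crt(m, P, Q, dp, dq, qinv, fault_mask)
    leaked = recover_factor(bad, m, n, e)
    checked = sign_checked(m, n, e, P, Q, dp, dq, qinv, fault_mask)
    return pow(good, e, n) == m, leaked, checked


if __name__ == "__main__":
    verifies, factor, checked = run_demo()
    print("unfaulted signature verifies:", verifies)
    print("factor leaked by one faulty signature:", factor)
    print("checked signer under fault returns:", checked)
```

The single flipped bit leaves the mod-q half intact, so one faulty signature is enough to factor the modulus; no side channel or memory read is needed, which is why SGX's memory encryption does nothing against this class of fault. Verifying the result before it leaves the enclave is cheap and is the minimum an enclave doing private-key operations should do.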
Now that we have the scary part out of the way, let's get to the positive news. Plundervolt cannot be launched by an unprivileged user or straight from the network: the attacker must already hold root (administrator) privileges on the target machine to write to the voltage interface. Physical access is not required, but a remote attacker would first have to compromise the system completely.
So keep your devices closer than you would otherwise, and be careful about who has administrator access to them. Secondly, Intel is aware of the problem and working on it. As of December 11, 2019, Intel has assigned Plundervolt the identifier CVE-2019-11157 and has released a list of CPUs that could potentially be affected. Currently, the following have been identified:
- Intel Xeon Processor E3 v5 & v6
- Intel Xeon Processor E-2100 & E-2200 families
- Intel 6th, 7th, 8th, 9th, and 10th generation Core processors
Intel has also released microcode and BIOS updates that let users lock the voltage control interface so that software can no longer change the core voltage; once the fix is applied, SGX attestation can also confirm to a remote party that the platform is patched. This is a real concern for anyone relying on SGX enclaves to guard cryptographic keys, for example in cryptocurrency wallets, since the secrecy of those keys is exactly what is under threat. The best defense is to stay vigilant and not postpone BIOS, microcode, and security updates when they are released.