Gadgets

Plundervolt - a new vulnerability in Intel processors (2 videos)


Attackers are constantly looking for originalapproaches to penetrate computer systems to extract sensitive data. The new vulnerability, recently discovered by experts and called Plundervolt, exploits the desire of enthusiasts to change the voltage and frequency of Intel processors directly from the operating system, which makes it possible to overclock the system.

Plundervolt hackers also useFrequency and voltage mechanisms for Intel processors to retrieve data from the SGX secure enclave. According to Intel developers, the Software Guard Extensions team provides additional protection for application code and data, preventing them from changing. The most significant information is placed in enclaves, which are execution areas in memory with additional protection.


This specially protected area of ​​the processorused by Intel to store the most valuable information, such as, for example, AES encryption keys. This part is physically allocated from other memory inside the central processor, and is additionally protected by software encryption, which complicates the implementation of hacking and access to data.

However, the new Plundervolt vulnerability provides attackers with the ability to obtain information from a protected area even faster than was possible with hacks such as Meltdown or Specter.

Plundervolt attack mechanism based on changeprocessor voltage and frequency (voltage drops), which leads to a change in bits in SGX. This leads to errors that lead to the possibility of reconstructing data using attack methods on third-party channels. Plundervolt attacks use the fundamental concepts of VoltJockey and CLKscrew attacks.

Experts say Plundervolt vulnerabilityIt affects Intel processors of the 6th, 7th, 8th, 9th and 10th generations, as well as the Xeon E3, v5, v6, E-2100 and E-2200 families. When hacking requires access to the system with root or administrator rights, which makes remote hacking more difficult, but possible, which requires a combined attack delivering a malicious application with Plundervolt.


To mitigate Intel vulnerabilitiesreleased a microcode and BIOS update. However, it is not known how these updates will affect system performance. It is known that the update provides for the deactivation of voltage and frequency settings inside the operating system, which makes overclocking impossible.

Source: tomshardware