37 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. This list, though not comprehensive, presents the most significant threats.

1 2 Page 2
Page 2 of 2

Intel released CPU microcode updates to mitigate the vulnerability for critical instructions such as RDRAND, RDSEED, and EGETKEY that locks the entire memory bus until the staging buffer is cleared. This operation adds a significant performance overhead, which is why it was only introduced for certain instructions.

Spectre-BHI - CVE-2022-0001, CVE-2022-0002 and CVE-2022-23960

Spectre-BHI (Branch History Injection) or Spectre-BHB (Branch History Buffer), is an attack disclosed in March 2022 by researchers from VU Amsterdam that's a variation of the original Spectre v2 or Spectre-BTI (Branch Target Injection) attack and impacts Intel and ARM CPUs. Like Spectre-BTI, the new attack variation can leak sensitive information from the kernel's memory but does so by poisoning the global history of the CPU predictor, which bypasses the hardware defenses introduced by CPU vendors.

By exploiting the original Spectre v2 flaw attackers could actually inject target code locations and then trick the kernel to execute that code, but with the new Spectre-BHI attack, they have to leverage code gadgets and snippets that already exist in the history because they were executed in the past and which might leak interesting data. This makes Spectre-BHI exploitation harder, but the technique shows the Spectre attack surface is larger than previously believed.

To demonstrate the attack, the researchers abused eBPF, a technology available in Linux since kernel 4.4 that allows the execution of sandboxed programs inside the kernel. If enabled, this mechanism makes it very easy to exploit speculative execution issues like Spectre-BHI Linux, but disabling it does not completely mitigate the issue as other gadgets can be found to leak data.

Retbleed - CVE-2022-29901 and CVE-2022-29900

Retbleed is an attack technique disclosed in July 2022 by researchers from Swiss university ETH Zurich that exploits the speculative execution feature of Intel and AMD CPUs and circumvents some of the software defenses operating systems put in place to prevent previous exploits like Spectre.

The original Spectre attacks from 2018 and later triggered branch target speculation by using indirect jumps or calls, so Google researchers at the time proposed a software defense mechanism called retpoline that replaced indirect jumps and calls in software with return instructions. Returns were believed to be impractical to exploit because normally they don't trigger speculative execution, but Retbleed proves that they can under certain conditions, like when executing deep call stacks to underflow the return stack buffer. The researchers demonstrated their attack on Linux where they found over 1,000 conditions that could allow for this.

Intel refers to Retbleed as Return Stack Buffer Underflow (RSBU) and said that systems that use its hardware mitigations, namely indirect branch restricted speculation (IBRS) or enhanced IBRS (eIBRS), are protected against the attack. Only systems that rely solely on the retpoline software mitigation for performance reasons, or which use older CPUs that don't have the hardware mitigation, are impacted. AMD considers the attack part of a larger class of microarchitectural misbehavior dubbed Branch Type Confusion (CVE-2022-23825).

Hertzbleed - CVE-2022-23823 and CVE-2022-24436

Hertzbleed is a new family of side-channel attacks affecting Intel, AMD and possibly ARM CPUs that was disclosed in June 2022 by a team of academic researchers from University of Texas at Austin, University of Illinois Urbana-Champaign and University of Washington. It stems from dynamic frequency scaling, a feature in modern CPUs that is used to reduce power consumption and ensure the CPU stays below thermal and power limits. The researchers who discovered the attack show that different computations can use different CPU frequencies depending on the data that's being processed.

Power analysis attacks are not new, but they are typically local and require some sort of power measurement interface in order to monitor differences between computations and infer details about what's being processed. This side-channel technique has been used before to leak cryptographic secrets such as keys.

Hertzbleed, however, shows that frequency scaling generates timing differences in computations and these can be observed even remotely without any power measurement interface. The novelty is that Hertzbleed works even against so-called constant time cryptographic implementations that were intentionally designed to prevent leaking information through timing analysis.

The researchers used Hertzbleed to implement a novel chosen-ciphertext attack against SIKE (Supersingular Isogeny Key Encapsulation), a post-quantum key encapsulation mechanism that is also a NIST competition finalist and is implemented as constant time. The team was able to  perform a full key extraction via remote timing.

Intel published guidance for developers of cryptographic libraries to mitigate Hertzbleed using software countermeasures. Another possible mitigation is to disable "Turbo Boost" at runtime on the system, but this has a significant system-wide performance impact.

DRAM memory Rowhammer attacks

  1. Rowhammer
  2. Rowhammer.js
  3. Drammer - CVE-2016-6728
  4. Flip Feng Shui
  5. ECCploit
  6. Throwhammer
  7. RAMBleed

Rowhammer

Rowhammer is a physical effect with security implications that occurs inside SDRAM chips when the same physical row of memory cells is read for a large number of times in rapid succession -- an action dubbed hammering. This can cause electric charges from cells in the hammered row to leak into adjacent rows, modifying the value of the cells in those rows. This is known as bit flipping and possible because of the increased cell density of modern SDRAM chips, particularly DDR3 and DDR4.

While the Rowhammer effect has been known or documented for a long time, members of Google's Project Zero team were the first to prove it can have security implications in March 2015 when they revealed two privilege escalation exploits based on it.

Rowhammer.js

Rowhammer.js was an implementation of the Rowhammer attack via JavaScript, proving that this flaw can be exploited remotely through the browser, simply by visiting a malicious web page. Browser vendors have added mitigations against this exploit.

Drammer - CVE-2016-6728

Drammer is a Rowhammer-type exploit demonstrated in 2016 against Android devices. Until then the memory chips in mobile devices were thought to be unaffected.

Flip Feng Shui

An implementation of the Rowhammer attack against virtual machines, where a malicious guest VM can flip bits in the physical memory affecting a different virtual machine in a controlled manner. The researchers demonstrated this by breaking the OpenSSH public key authentication in the target VM.

ECCploit 

ECCploit is an attack that demonstrates that Rowhammer-type attacks can work even against SDRAM chips that have error-correcting code (ECC) capabilities. This type of memory, which is typically used in servers, was thought to be immune to Rowhammer.

Throwhammer

A Rowhammer attack that can be exploited over a network by leveraging the remote direct memory access (RDMA) feature present in fast network cards like those used in servers.

RAMBleed

RAMBleed is the first attack that has shown it is possible to use the Rowhammer effect to steal data from memory cells instead of simply modifying it. Previous Rowhammer attacks compromised memory integrity through bit flips, which could lead to privilege escalation and other conditions. Meanwhile, RAMBleed uses row hammering and a side-channel in order to infer information about and ultimately extract data from adjacent memory cells. In that respect it is similar to the effects of Meltdown and Spectre.

Wide-impact firmware vulnerabilities 

  1. BlueBorne
  2. KRACK
  3. BadUSB
  4. Thunderstrike and Thunderstrike 2 
  5. Thunderclap
  6. ROCA
  7. Intel Management Engine

BlueBorne 

A set of vulnerabilities announced in 2017 in the Bluetooth stack implementations of Linux, Android, Windows and macOS. It was estimated these vulnerabilities affected over 5 billion devices and while on computers it was easier to fix through OS updates, Bluetooth-enabled smart watches, TVs, medical devices, car infotainment systems, wearables and other internet-of-things devices required firmware updates. Researchers estimated one year later, in 2018, that over 2 billion devices remained exposed.

KRACK

KRACK, or the Key Reinstallation Attack, is an attack revealed in 2016 that exploited a weakness in the WPA2 wireless security standard, which is used to protect most wireless networks in use today. Because the weakness was in the standard itself, WPA2 implementations in all types of devices, including home routers and other IoT devices, were affected. Fixing the vulnerability required firmware updates, so many out-of-support devices remained vulnerable to this day.

BadUSB

An attack demonstrated in 2014 that allows reprogramming the microcontrollers in USB thumb drives in order to make them spoof other types of devices such as keyboards and used them to take control of computers or to exfiltrate data. Many USB thumb drives remain affected.

Thunderstrike and Thunderstrike 2  

Two attacks that exploited vulnerabilities in the firmware of Apple's Macbook devices in order to install firmware rootkits when malicious devices were connected to the Thunderbolt ports. Thunderstrike 2 also allowed compromising newly inserted Thunderbolt devices, creating the possibility of a worm.

Thunderclap

Another attack revealed this year that can execute privileged code on computers equipped with Thunderbolt ports.

ROCA

The Return of Coppersmith’s Attack (ROCA) is an attack against the Trusted Platform Modules (TPMs) and Secure Elements (SEs) produced by Infineon Technologies. These TPMs and SEs are used in tens of millions of business computers, servers, hardware authentication tokens and various types of smart cards, including national identity cards. The vulnerability allows the RSA keys generated with these components to be significantly more vulnerable to factorization -- attacks designed to recover keys. Researchers estimated the cost of recovering individual 2048-bit RSA keys generated by such devices to be around $20,000 and for 1024-bit RSA keys around $40.

Intel Management Engine 

The Intel Management Engine (ME) is a dedicated coprocessor and subsystem present in many Intel CPUs and is used for out-of-band management tasks. Intel ME runs its own lightweight operating system which is completely separate from the user-installed operating system, which is why it has often been described as a backdoor in the security community. Over the years there have been serious vulnerabilities found in Intel ME and fixing them requires installing firmware updates from computer manufacturers. This means many older, out-of-support systems are unlikely to receive such updates.

Logs leaked from the Conti ransomware gang in 2022 showed that the cybercriminal organization was investigating the possibility of exploiting Intel ME vulnerabilities in order to gain code execution privileges in System Management Mode, a highly privileged execution environment of the CPU, with the goal of deploying malicious code deep inside computer firmware to evade detection by security products. The leaked internal chats suggested that the gang had developed proof-of-concept code for such attacks.

Editor's note: This article, originally published in July 2019, has been updated to as new vulnerabilities come to light.

Copyright © 2022 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 hot cybersecurity trends (and 2 going cold)