Jump to content

Intel VISA Exploit Gives Access to Computer’s Entire Data, Researchers Show


The AchieVer

Recommended Posts

The AchieVer

Intel VISA Exploit Gives Access to Computer’s Entire Data, Researchers Show

 

Intel VISA Exploit Gives Access to Computer’s Entire Data, Researchers Show

Intel VISA is said to be a utility that is bundled by the chipmaker for testing

HIGHLIGHTS

  • Researchers used previously disclosed vulnerabilities to access VISA
  • Intel is very secretive about VISA and information about it is not public
  • Intel underplayed the VISA exploits

Security researchers have discovered a previously unknown feature in the Intel chipsets, which could allow an attacker to intercept data from the computer memory. The feature called Intel Visualization of Internal Signals Architecture (Intel VISA) is said to be a utility that is bundled by the chipmaker for testing on the manufacturing lines. Although Intel doesn't publicly disclose the existence of Intel VISA and is extremely secretive about it, the researchers were able to find several ways to enable the feature on the Intel chipsets and capture the data from the CPU.

 

As a per presentation made by the researchers Mark Ermolov and Maxim Goryachy of Positive Technologies at the ongoing Blackhat Asia 2019 conference in Singapore, their exploits of the Intel chipsets don't require any hardware modifications or special equipment. One of the techniques shared by the researchers involved vulnerabilities detailed in Intel-SA-00086 advisory that give access to Intel Management Engine (Intel ME), in turn helping enable VISA. Access to Intel VISA makes the computer's entire data vulnerable and obtainable for the attacker.

Intel underplayed the exploit and toldZDNet that the VISA issue requires physical access to the machines and the Intel-SA-00086 vulnerabilities have already been mitigated. The researchers however disagreed with Intel's comments and reportedly said in an online discussion that the patched Intel firmware can be downgraded using Intel ME, making the chipset vulnerable and opening the door for accessing Intel VISA.

 

Mark Ermolov also noted that the vulnerabilities detailed in Intel-SA-00086 are just one of the ways to access VISA, and there are other methods as well, including Orange Mystery and Intel JTAG password. The technical details of these exploits can be found in the presentation slides shared on Blackhat Asia website.

 

 

 

 

Source

Link to comment
Share on other sites


  • Replies 3
  • Views 488
  • Created
  • Last Reply

Research = Lab = Controlled Environment = More Published Bullshit

Link to comment
Share on other sites


BimBamSmash

Sorry for taking the sarcasm route here but this whole thing translates only into the following in my head: We will soon have another mandatory firmware patch that aims at making systems secure by dedicating more processing power to going around some architectural design flop at the expense of slowing down user-triggered computing queries.

Link to comment
Share on other sites


@straycat19 Things like this are not new and nothing can be done about it - they have been and will remain around. It's what the agencies use to exploit the zero-days for their purposes.

I thought you knew about this stuff or perhaps you are just a pretender - intelligence/signals intelligence expert.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...