'Unfixable' hole in Intel ROM exposes all but latest chips to attack, researchers say
A security firm says the hole impacts generations of Intel chipsets.
Eli BlumenthalSenior Editor
Eli Blumenthal is a senior editor at CNET with a particular focus on covering the latest in the ever-changing worlds of telecom, streaming and sports. He previously worked as a technology reporter at USA Today.
Expertise5G, mobile networks, wireless carriers, phones, tablets, streaming devices, streaming platforms, mobile and console gaming,
Security researchers have discovered a hole in
read-only memory that it believes cannot be fixed and leaves all but Intel's latest 10th-generation devices exposed. The discovery, announced Thursday by security firm Positive Technologies, points out an error in Intel's boot ROM that allows each system with the hole to be susceptible to a hack.
The vulnerability was found in the ROM of the Intel Converged Security and Management Engine (CSME), Mark Ermolov, Positive Technologies' lead specialist of OS and hardware security, said in a blog post. It "jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company's platforms," he said.
"The problem is not only that it is impossible to fix firmware errors that are hard-coded in the Mask ROM of microprocessors and chipsets," Ermolov added. "The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole."
When the London-based company contacted Intel it was told the chip giant was already aware of the hole.
The Intel CSME is responsible for the first authentication, loading and verifying the firmware of Intel-based devices. By being exposed early in the boot process, it could leave the computer exposed to the point where Positive Technologies envisions a worst-case scenario where "hardware IDs will be forged, digital content will be extracted and data from encrypted hard disks will be decrypted."
Intel updated a patch to fix some of the vulnerabilities last month, crediting Positive Technologies in its acknowledgments. But the researchers believe the hole is incapable of ever being fully filled.
Positive Technologies said this hole is exposed on all but Intel's latest 10th-gen chips. It noted that "there might be many ways to exploit this vulnerability in ROM," some of which "might require local access" such as malware while others might need "physical access" to a computer target in question.
Intel acknowledged a potential issue.
"Intel was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine in which an unauthorized user with specialized hardware and physical access may be able to execute arbitrary code within the Intel CSME subsystem on certain Intel products," Intel spokesperson Leigh Rosenwald said in a statement.
"Intel released mitigations and recommends keeping systems up-to-date," adding that anyone looking for "additional guidance specific to CVE-2019-0090" can find it here.