AMD vulnerability of Secure Chip-On-Chip free on the internet

AMD is reportedly determined but has not yet released updates to the general public for one security error which affects the AMD Secure processor.

This component, formerly known as AMD PSP ( Security Processor), is one chip-on-chip security system, similar to its Management Engine (ME) Intel.

Just like Intel Me ™ processors and AMD Secure Processor processors is an integrated collaborative processor next to the actual AMD64 x86 CPU cores and has a separate processing system that is tasked with handling various security-related functions.AMD

Cfir Cohen, a security researcher with the Google Cloud Security team, reports that he discovered a vulnerability in the AMD Secure Processor Trusted Platform Module (TPM).

TPM is a component for storing critical system data, such as passwords, certificates, and encryption keys, and is located in a "secure" environment and outside of AMD's most easily accessible cores.

“Through static analysis, we found a stack in the EkCheckCurrentCert function,” Cohen reports. The researcher claims that an attacker could use specially configured certificates (EK certificates) to gain remote privileges of code to the AMD Secure processor, effectively breaking the security it offers.

Cohen mentioned that some basic mitigation techniques, such as stack cookies, NX stack, and ASLR. To date, however, they have not been implemented in AMD's Secure Processor, making exploit very easy.

Intel Me ™ processors use a similar TPM, but Cohen does not say whether it is affected.

Google researcher reported defect to AMD in September and AMD told researcher in December that it has developed an update and is preparing for its release.

Coincidentally, in Reddit [1, 2], some reported seeing a new one which allows AMD PSP to be disabled, but it's unclear if this new option is related to the updates AMD reports on Cohen's findings.

Let's say a PSP disable option is somewhat unique in the CPU world. For example, Intel has never allowed users to disable its secret partner despite the long list of security flaws reported for that particular item.

Cohen's disclosure of the AMD Secure Processor flaw came on the same day that Google researchers disclosed details of the flaws and Specter affecting most of the world's CPUs.

Last November, Intel again provided updates for several similar weaknesses in Intel ME which allowed attackers to install rootkits and retrieve data from the safe parts of Intel processors.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).