
XuanTie C910 (processor)

Product
Developers: T-Head Semiconductor
Branches: Electrical and Microelectronics
Technology: Processors

2024: Discovery of a processor vulnerability that allows attackers to compromise data centers and cloud servers

In early August 2024, a group of researchers from Germany revealed that a vulnerability in a Chinese RISC-V processor allows attackers to compromise data centers and cloud servers.

RISC-V is an open instruction set architecture (ISA) designed for developing custom processors for various types of applications, including embedded systems, microcontrollers, data centers, and high-performance computers.

Researchers at the Helmholtz Center for Information Security (CISPA) have discovered a vulnerability in the XuanTie C910 processor manufactured by the Chinese chipmaker T-Head. According to experts, XuanTie C910 is one of the fastest RISC-V processors.

The vulnerability, called GhostWrite, allows attackers with limited privileges to read and overwrite data in physical memory, potentially giving them full and unrestricted access to the target device. Although GhostWrite is specific to the XuanTie C910, it has been confirmed to affect several types of systems, including PCs, laptops, containers and virtual machines in cloud servers.

The list of vulnerable devices named by the researchers includes Scaleway Elastic Metal RV bare-metal cloud systems, Sipeed Lichee Pi 4A, Milk-V Meles and BeagleV-Ahead single-board computers, and some Lichee computing clusters, laptops and game consoles.

To demonstrate their findings, the researchers showed how an attacker could use GhostWrite to gain administrator privileges or obtain an administrator password from memory. The researchers reported their findings to T-Head, but it is not yet clear whether the supplier is taking any action on the matter. The vulnerability is a hardware bug that cannot be fixed with software updates or patches.[1]

Notes