Intel CSME (Converged Security and Management Engine)

2020

the Vulnerability allowing to intercept the ciphered data of users

On March 5, 2020 the Intel company thanked experts of Positive Technologies which detected vulnerability in a subsystem of Intel of CSME. The error is present at the majority of the chipsets of Intel which are released for the last five years.

According to the company, operating vulnerability of CVE-2019-0090, the local malefactor can take a root key of the platform (chipset key) which is written in a chip of PCH and to get access to ciphered by this key this. At the same time it is impossible to record the fact of leakage of a key. Having a root key, the malefactor can not only decrypt the data which are stored on the target computer but also to forge its certification which is based on the scheme EPID (Enhanced Privacy ID) — i.e. to issue the computer for the PC of the victim. This scheme is used in work of DRM technology and also for security of bank transactions and certification of Internet of Things.

The revealed vulnerability is similar to recently found error in BootROM of mobile platforms Apple, but belongs to the systems of Intel. Both vulnerabilities allow to take the ciphered data of users. In this case there is a lot of scenarios of extraction of a key. The key can be removed from the lost or stolen notebook for interpretation of the data loaded from it. The unfair supplier, the specialist of the servicing organization or the employee of the company can intercept a key — if they got physical access to the PC. Remote interception of a key is in certain cases possible if the malefactor during the multistage attack gets local access to the target PC or the equipment manufacturer allows to update remotely firmwares of internal devices, such as Intel Integrated Sensor Hub. Mark Yermolov, the expert of Positive Technologies told

Vulnerability potentially gives the chance to compromise widespread technologies of data protection which use hardware keys for enciphering, such as DRM, firmware TPM, Intel Identity Protection. For example, the malefactor can operate vulnerability on the PC for a bypass of DRM protection of content and its illegal copying. This error in ROM also allows to organize any accomplishment of the code at zero level of privileges of Intel of CSME, and it is impossible to eliminate this error using updating of a firmware.

Specialists of Intel recommend to users of the devices using technologies of Intel of CSME, Intel of SPS, Intel of TXE, Intel of DAL and Intel of AMT to address the producer of the specific device or motherboard to receive updating of the microprogram or BIOS for elimination of this vulnerability. The updated recommendations for decrease in level of the threats connected with vulnerability of CVE-2019-0090 are stated on the website of Intel.

Considering impossibility of fundamental correction of this problem by making changes in ROM of a chipset, experts of Positive Technologies recommend to disconnect the technology of enciphering of information media using a subsystem of Intel of CSME or to consider the possibility of replacement of the park of computers by the PC with Intel processors of the 10th series above. The important role is purchased also by identification of the possible facts of a compromise of infrastructure in a retrospective using analysis systems of traffic, such as PT Network Attack Discovery.

Appointment of Intel of CSME

According to information for March, 2020 Intel of CSME provides initial authentication of the system constructed on chips of Intel, loading and checking all other microprogram providing modern platforms. For example, Intel of CSME, interacting with a microcode of CPU, provides authenticity of a firmware of UEFI BIOS by means of BootGuard technology. Besides, Intel of CSME loads and verifies a firmware of the controller of power supply (Power Management Controller) managing giving of tension to each hardware block in chips of Intel.

But the fact that Intel of CSME is responsible for cryptographic base of such hardware technologies of protection, the developed Intel companies and used everywhere as DRM, fTPM and Intel Identity Protection is more important. In a firmware of Intel of CSME the scheme of remote certification of trusted systems, the called EPID (Enhanced Privacy ID) which allows to identify unambiguously and anonymously each specific copy of the computing system (computer) is implemented, finding a set of useful applications, such as protection of digital content, security of financial transactions, certification of Internet of Things. Besides, in a firmware of Intel of CSME the software module of TPM allowing to use it for storage of encryption keys without additional chip of TPM which is available not in each computer is implemented.

And the Intel company tried to make this root of trust safer. The security system of platforms of Intel is constructed in such a way that even the error of any accomplishment of the code in any of modules of a firmware of Intel of CSME does not bear risk of loss of a root security key (it is Chipset Key) but only only puts at risk specific functions for which the vulnerable module is responsible, at the same time allowing it is easy to level risk by change of encryption keys using the mechanism of safe version number of SVN. It was visually shown in 2017 when the error of any accomplishment of the code was found in the module of a firmware BringUP (bup) described in Intel SA-00086. Then the Intel company just executed rekey generation, having increased SVN, and thus easily avoided risk of a compromise of the technologies constructed on EPID.^[1]

Notes