⚡ TL;DR: Go Straight to the Plundervolt Vulnerability Audit Report.
Dubbed Plundervolt and tracked as CVE-2019-11157, the latest Intel attack relies on the fact that modern processors allow frequency and voltage to be adjusted when needed, which can be modified in a controlled way to induce errors in the memory by flipping bits. By 'undervolting' the CPU, Intel's secure enclave technology becomes vulnerable to attack.
The Plundervolt attack targets Intel Software Guard eXtensions (SGX) and resembles more with speculative execution attacks like Foreshadow and Spectre. However, Speculative execution attacks like Foreshadow or Spectre allow reading data from SGX enclave memory while Plundervolt achieves the complementary operation, namely changing values in SGX-protected memory.
Pundervolt was first reported on June 7, 2019, by a group of international researchers from The University of Birmingham, our fellow Belgians at imec-DistriNet, KU Leuven, and the Graz University of Technology.
The security team released a dedicated website with FAQs and a detailed technical paper titled "Plundervolt: Software-based Fault Injection Attacks against Intel SGX".
The following CPU series are vulnerable to attacks:
- Intel® 6th, 7th, 8th, 9th & 10th Generation CoreTM processors
- Intel® Xeon® Processor E3 v5 & v6
- Intel® Xeon® Processor E-2100 & E-2200 families
Microcode and BIOS updates were released as part of Intel's security advisory INTEL-SA-00289.
Run the Plundervolt Vulnerability Audit Report
If you currently have Intel processors deployed in your network, it's pretty critical that you update them at the earliest opportunity to ensure that you don't fall prey to these vulnerabilities.
Our Intel Plundervolt Vulnerability Audit can tell you in no time which devices are affected and need to be patched.
If you haven't already, start your free Lansweeper trial to run the Plundervolt Audit Report.