SWAPGS attack

Researchers at Bitdefender found a side-channel vulnerability that can be used against Intel CPUs and the PCs running on them. Dubbed the SWAPGS attack, the vulnerability is a novel side-channel exploit that takes advantage of the poorly documented behavior of SWAPGS, a system instruction that the OS uses to switch between two “model-specific registers.” Hackers can use it to leak sensitive parts of kernel memory, including encryption keys and passwords.

FPU state leak

This is a vulnerability that can be used to leak the state of the FPU (floating-point unit), a specialized math coprocessor present in modern-day Intel CPUs. The FPU is generally used to speed up mathematical operations on floating-point numbers. By capitalizing on this vulnerability, hackers can make local processes leak the contents of floating-point unit registers that belong to another process.

Foreshadow

Foreshadow is an execution-related vulnerability that affects Intel CPUs. Hackers use it to extract sensitive data from the CPUs’ L1 data cache, which is accessible to all processor cores. An adversary could use the flaw to read any information present in the cache, including protected data associated with the SMM (System Management Mode), the OS’s kernel or other virtual machines managed by external cloud providers.

Screwed drivers

According to researchers at Eclypsium, over 40 drivers from major BIOS vendors - including Huawei, Asus, Toshiba and NVIDIA - are susceptible to “screwed drivers” vulnerabilities. These are driver design flaws that enable hackers to escalate user privileges in order to access OS kernel mode. The escalation opens up read and write access to control registers (CR), model-specific registers (MSR), chipset I/O space, and physical and kernel virtual memory.

Speculative Store Bypass (SSB)

A variant of the Spectre security vulnerability, SSB or Speculative Store Bypass enables hackers to execute memory reads before the addresses of earlier memory writes are known. It can also be used to leak cross-process data. The vulnerability impacts Intel, AMD and ARM variants of processors.

Thunderclap

Thunderclap is a collection of hardware vulnerabilities that reside in the Thunderbolt hardware interface produced by Intel. It can be used by hackers with physical access to a Thunderbolt port to take over a target system in just a few seconds, executing arbitrary code at the highest level of privilege and gaining access to encryption keys, passwords, banking logins and other data.

Meltdown

Meltdown RDCL (Rogue Data Cache Load) capitalizes on the out-of-order execution capabilities of Intel CPUs. Hackers can use it to break through the kernel’s privilege boundaries, which typically safeguard sensitive secrets.

Rowhammer

Rowhammer is classified as a vulnerability affecting some recent DDR DRAM devices where repeated access to a memory row can result in bit flips in adjacent rows. This means that, theoretically, a hacker can change the value of any bit in memory.

Old routers

Old computer routers can have serious flaws that enable remote adversaries to take control of them. Security researcher Kyle Lovett, for instance, found that more than 700,000 ADSL routers distributed to various customers suffered from a “directory traversal” vulnerability that provides hackers with a way to extract administrative details.