Two new vulnerabilities have been found in Intel processors. They are undocumented capabilities of the manufacturer that allow hijacking control over the device. Access to them opens in a special mode that in most cases only Intel engineers have access to. However, in some scenarios it can also be activated by hackers. Information security experts suggest that these options may be present in all current Intel processors and see them as a major potential threat.
According to Positive Technologies experts Mark Yermolov and Dmitry Sklyarov, there are two undocumented instructions in Intel processors that allow modification of the microcode and gain control over the processor and the entire system.
“The discovered instructions allow bypassing all existing x86 architecture protection mechanisms in modern processors,” said Yermolov.
The experts specified that the features found are in Intel’s Atom processor family, which has been updated since 2011 to the present day.
“In theory, the vulnerabilities found can be exploited by any attacker who has the necessary information”, Alexander Bulatov, Commercial Director of RuSIEM, told the publication.
In this case, the hacker would get a whole set of opportunities to control the compromised system.
“This can be either the simplest forced shutdown of the device, or flashing the processor with microcode that secretly performs certain tasks of the attacker,” explained Bulatov.
According to Yermolov, instructions can be activated remotely only in a special mode of operation of processors Red Unlock, which only Intel engineers should have access to. As Positive Technologies noted, some processors have vulnerabilities that allow third parties to enable Red Unlock mode as well.
Intel’s press office said it takes Positive Technologies’ research seriously and is carefully reviewing their claims.
The vulnerabilities found are potentially dangerous for users of devices based on the Intel Atom family. These are low-power processors mainly used in netbooks, tablets, POS terminals and POS machines.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.