Security: TPM vulnerable; and dump mode for Intel ME

[German]Currently, two security issues are on the agenda. Meanwhile, an approach is known to get full access to the Intel Management Engine (Intel ME). And two attack methods on TPM chips from computers have become known.


Full access to Intel ME possible

German blog reader Rudi K. already pointed me yesterday by email to a German article dealing with that matter. At the same time I received a tweet about the topic via my Twitter channels.

There is a Proof of Concept (PoC) to enable JTAG mode to dump the contents of the Intel ME firmware.

(Source: Pexels Fancycrave CC0 License)

Brief details about Intel ME

Intel Management Engine (short Intel ME) is, according to Wikipedia, is an autonomous subsystem that has been incorporated in virtually all of Intel's processor chipsets since 2008. The subsystem consists mainly of proprietary firmware running on a separate microprocessor during the boot process, while the computer is running and while it is idle.  As long as the chipset or SoC is connected to power (via battery or power supply), it will continue to run even if the system is off. The exact functionality is largely undocumented and the firmware code is obscured by confidential Huffman tables (stored directly in the hardware).


The IntelTXE Proof of Concept (PoC)

However, the Intel ME has attracted attention in the past due to serious security issues/vulnerabilities. One of these vulnerabilities (INTEL-SA-00086) allowed hackers to to turn off the Intel ME at least on certain devices (see Hack: Disable Intel's Management Engine). This vulnerability led to the development of a proof of concept (PoC) to activate the JTAG mode for the Intel ME. This is a standard for testing and debugging integrated circuits after production.

The INTEL-SA-00086 vulnerability contains a buffer overflow when handling a file stored on MFS (the internal ME file system). Building on this vulnerability, the Positive Technologies team developed a PoC for the Gigabyte Brix GP-BPCE-3350C platform to enable JTAG mode and released it on GitHub. This enables full access to the Intel ME via USB and JTAG mode.

This allows not only the Intel ME firmware to be read (dumped) but also its function to be manipulated. Maxim Goryachy, who is involved in this work, then also reported:

That's all there is to say – even though it's not a general PoC for Intel ME, I think this feature is now being free 'to shot down'. Further details can be found in the articles linked above.

Attacks on TPM modules

The second security message also came to my attention on Twitter a few hours ago. Catalin Cimpanu refers to article Researchers Detail Two New Attacks on TPM Chips at Bleeping Computer.

Some background to TMP

The task of the Trusted Platform Module (TPM) is to ensure the authenticity of the hardware. A TPM uses RSA encryption keys to authenticate the hardware components involved in a computer's boot process, as well as its normal operation. The functionality of TPM and the integration of TPM components in the boot chain is specified in the TPM 2.0 specification published in 2013. Microsoft in particular uses TPM chips for Windows 10 in addition to UEFI, e.g. to secure the boot process and bitlocker encryption.

Attacks on TMP-Chips

In early August 2018, two attacks on TPM chips were described by four researchers from the National Security Research Institute of South Korea. These attacks allow an attacker to manipulate the boot process.

The attacks are possible thanks to power suspension mechanism, because modern motherboards do not supply power to all their components constantly and simultaneously. Mainboards provides a special APIs to power a component only when it is needed to perform an operation. The TPM chips also support ACPI (Advanced Configuration and Power Interface) to allow the operating system to control and optimize the power consumption of peripheral devices.

Security researchers discovered two problems that affect the way TPM chips are sent and awakened to suspended energy states. These problems allow an attacker to reset TPMs. As a result, a fake boot component can be introduced into the boot process of the device, which is then classified as trustworthy by the operating system (e.g. Windows 10). In other words, securing the boot process using the keys stored in the TMP chip is not guaranteed.

This means that users of appropriate hardware must check whether the board manufacturers provide appropriate firmware updates to iron out the vulnerabilities. Overall, TPM (and also UEFI 2.x) is now proving to be a source of problems, at least in the Microsoft world. Further information on this topic can be found at Bleeping Computer.

Cookies helps to fund this blog: Cookie settings

This entry was posted in devices, Security, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *