CRAZY New Attack Exposes Sensitive Data in CPUs

In a development reminiscent of the mind-bending plot of the movie “Inception,” a team of researchers at ETH Zurich, led by Professor Kaveh Razavi, has successfully demonstrated a novel cybersecurity vulnerability that allows attackers to plant an idea within a computer’s central processing unit (CPU).

This revelation, which has been presented at the USENIX Security 2023 conference, has far-reaching implications for data security and cloud computing.

This discovery shows that certain CPUs can be manipulated into executing specific commands, effectively bypassing security measures and retrieving sensitive information. This novel attack, aptly named the “Inception” attack, revolves around the CPU’s inherent need to make guesses during program execution.

Modern CPUs operate at astounding speeds, making hundreds of millions of decisions per second during program execution. However, data transfer speeds from computer memory (DRAM) to the CPU have struggled to keep pace with this acceleration. To mitigate these delays, CPUs rely on predictive algorithms to anticipate the most likely next steps based on historical data, thereby significantly reducing processing time.

This reliance on predictions creates a vulnerability that attackers can exploit. Similar to the 2018 Spectre attack, where attackers leveraged mispredictions for unauthorized access, the Inception attack involves manipulating the CPU’s look-up table, which stores past instructions and predictions.

In this groundbreaking research shared with Hackread.com, ETH Zurich’s team, led by Professor Razavi, delved into vulnerabilities in CPUs manufactured by AMD. By capitalizing on the CPUs’ inclination to treat erroneous instructions as familiar, the researchers managed to implant an idea into the CPU’s memory during its predictive processes.

Consequently, the protective security features designed to validate the accuracy of predictions were bypassed, enabling the researchers to access sensitive data, including hashed root passwords.

Professor Razavi’s team alerted AMD to the vulnerability in February, providing the company time to develop a patch before the research was made public. The vulnerability has been assigned the identifier CVE-2023-20569.
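For administrators who want to confirm whether a Linux host reports the fix as active, the following is an added example (not from the researchers, AMD, or the original article). It assumes the Linux kernel's sysfs entry `spec_rstack_overflow`, which is where the kernel reports its status for this issue; the function names and the verdict labels are hypothetical.

```shell
#!/bin/sh
# Added example: audit the kernel-reported mitigation state for CVE-2023-20569.
# Assumption: Linux exposes it as "spec_rstack_overflow" under
# /sys/devices/system/cpu/vulnerabilities; older kernels lack the entry.

# Map one kernel status line to a verdict:
# not_affected | mitigated | partial | vulnerable | unknown
srso_classify() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        # Per the kernel's SRSO documentation, the VMEXIT-only mode covers
        # guest-to-host transitions only, so it is reported as partial here.
        "Mitigation:"*[Vv][Mm][Ee][Xx][Ii][Tt]*) echo partial ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Read the status from a vulnerabilities directory (overridable so the check
# can be run against constructed fixtures) and print "verdict: raw line".
# Returns 0 = not affected or mitigated, 1 = vulnerable or partial, 2 = unknown.
srso_check() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    file="$dir/spec_rstack_overflow"
    if [ ! -r "$file" ]; then
        echo "unknown: $file not present (kernel may predate this report)"
        return 2
    fi
    line=$(cat "$file")
    verdict=$(srso_classify "$line")
    echo "$verdict: $line"
    case "$verdict" in
        not_affected|mitigated) return 0 ;;
        vulnerable|partial)     return 1 ;;
        *)                      return 2 ;;
    esac
}

# Run against the live system only when invoked as: sh srso_audit.sh audit
if [ "${1:-}" = "audit" ]; then
    srso_check
    exit $?
fi
```

The non-zero return codes make the check usable from fleet-audit tooling; a result of `unknown` usually means the kernel itself needs updating before it can report on this issue.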

The discovery of the Inception attack poses a significant threat, particularly in the realm of cloud computing, where multiple customers share the same hardware infrastructure. With the potential to compromise data integrity across various virtual environments, cloud providers and hardware manufacturers will need to reconsider their security protocols.

Professor Razavi’s research also raises questions about the broader landscape of CPU vulnerabilities. While this specific attack targeted AMD CPUs, there is a looming concern about the possibility of similar attacks on CPUs from other manufacturers.