Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix

guest · Jul 25, 2018

Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix
The story behind the quietly patched CVE-2018-3652
July 25, 2018
https://www.theregister.co.uk/2018/07/25/intel_xeon_usb_debugging/

US-based Eclypsium, founded by former Chipzillans Yuriy Bulygin and Alex Bazhaniuk, confirmed this week it is possible to pull off a classic evil maid attack against Intel-powered servers and workstations by abusing a USB-based system debugging mode to commandeer a vulnerable box.

In effect, you can jam a widget into a vulnerable machine's USB port and run some crafty code to take over the system and install a rootkit, spyware, or whatever you like. This requires a special debug mode in the chipset to be enabled, and you to be left unattended with the box.

The vulnerability was designated CVE-2018-3652, and Chipzilla credited its discovery to Eclypsium principal researcher Jesse Michael, also ex-Intel.

According to the researchers, ensure in your firmware settings that CPU debugging is “disabled and locked,” and the Direct Connect Interface is disabled, because “if enabled, the chipset will provide debug capability over USB.”
Click to expand...

Log in or Sign up

Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix

guest Guest

Log in or Sign up

Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix

guest Guest

Useful Searches