Another Intel Vulnerability, and it’s Unfixable…

/ 4 years ago
Intel Rolls Out Core i9 Mobile Processors

Honestly, I saw this story this morning and I couldn’t help but think “what? Again… meh, same s*** different day” but that doesn’t make it any less of a serious issue. Researchers at Positive Technologies found the vulnerability Inside Intel’s Converged Security and Management Engine (CSME). I mean, that’s what I go digging through in my spare time too, but alas, they found that the CSME is actually a tiny CPU within a CPU.

The little chip in a chip is responsible for the security of the SoC. It’s basically a secure box for all the secret data handling on the chip I guess. However, they’ve cracked it and that means that now many millions of Intel CPU based systems from the last five years are now vulnerable.


“Unfortunately, no security system is perfect. Like all security architectures, Intel’s had a weakness: the boot ROM, in this case. An early-stage vulnerability in ROM enables control over the reading of the Chipset Key and generation of all other encryption keys. One of these keys is for the Integrity Control Value Blob (ICVB). With this key, attackers can forge the code of any Intel CSME firmware module in a way that authenticity checks cannot detect. This is functionally equivalent to a breach of the private key for the Intel CSME firmware digital signature, but limited to a specific platform.” – Positive Technologies

Am I Safe?

It looks like every Intel CPU of the last 5 years is suffering this unfixable issue. However, the 10th Gen, Ice Point chipsets and SoCs are not affected by it. The only saving grace is that you need physical access to the hardware as it cannot be done remotely. Of course, that may be good for your gaming PC in your bedroom, not so great for your office computer in a sensitive industry.

Topics: , , ,


By supporting eTeknix, you help us grow and continue to bring you the latest newsreviews, and competitions. Follow us on FacebookTwitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.

eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram
  • Be Social With eTeknix

    Facebook Twitter YouTube Instagram Reddit RSS Discord Patreon TikTok Twitch
  • Features

Send this to a friend