Wednesday, December 6, 2023

New Collide+Power Exploit Let Attacker Steal Sensitive Data From All Modern CPUs

The build and shared components on the CPUs are exploited by a method called Collide+Power. This attack vector does not target specific programs but the hardware itself.

Advanced software-based power side channels echoed the discovery of Meltdown and Spectre vulnerability, which leaked actual data values through underlying hardware.

The core causes of this vulnerability are the shared CPU components like internal memory systems.

Combining the data from the attacker and other application data results in combined leakage signals in the power consumption.

There have been two attack scenarios that belonged to the Collide+Power category.

The first attack breaks the isolation of CPU hyperthreads, and the second attack which breaks the isolation between user programs and the operating system

In addition, this attack technique can boost any power-related side channel signal like RAPL (PLATYPUS) or frequency throttling (Hertzbleed).

Working of Collide+Power

For instance, the attacker fills the targeted CPU component, like the CPU cache, with attacker-controlled data. Then, the attacker forces the victim’s data to overwrite the attacker-controlled data, which results in the collision of data with the victim’s secret.

Since CPUs are designed to consume power as per the data usage, the collision results in a large number of iterations in the overwriting process. Finally, the attacker can get the exact secret value of the victim.

There were two variants in the Collide+Power variants, 

Variant 1: The victim program constantly accesses important secret data like decryption keys to encrypt or decrypt a large chunk of data. This attack variant requires hyperthreading to be enabled.

Variant 2: In this attack variant, the attacker used a prefetch gadget in the operating system to bring arbitrary data into the shared CPU component, which can be extracted using the data collisions. This attack variant has reduced leakage rates but does not require hyperthreading.

Several CVEs were discovered in the past, which include CVE-2020-8694, CVE-2020-8695, CVE-2022-23823, and CVE-2022-24436. However, a recent vulnerability was discovered on AMD CPUs which was reported and fixed.

CVE-2023-20583: Software-based Power Side Channel on AMD CPUs

An attacker can exploit this vulnerability in AMD processors to monitor CPU power consumption since the data in the cache line changes over time which can result in the leakage of sensitive data. The CVSS score for this vulnerability is yet to be confirmed.

AMD has released a security advisory for addressing this vulnerability.

A complete report has been published regarding this new discovery which provides detailed information regarding the threat vectors, mitigations, and others.

Keep yourself informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.


Latest articles

BlueNoroff: New Malware Attacking MacOS Users

Researchers have uncovered a new Trojan-attacking macOS user that is associated with the BlueNoroff APT...

Serpent Stealer Acquires Browser Passwords and Erases Intrusion Logs

Beneath the surface of the cyber realm, a silent menace emerges—crafted with the precision...

Doppelgänger: Hackers Employ AI to Launch Highly sophistication Attacks

It has been observed that threat actors are using AI technology to conduct illicit...

Kali Linux 2023.4 Released – What’s New!

Kali Linux 2023.4, the latest version of Offensive Security's renowned operating system, has been...

Trickbot Malware Developer Pleads Guilty & Faces 35 Years in Prison

A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware....

ICANN Launches RDRS to Assist Law Enforcement Agencies to Discover Private Info

ICANN is a non-profit organization that is responsible for coordinating the global internet's-DNSIP address...

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles