Intel Xeon workhorses boot evil maids out of the hotel: USB-based spying thwarted by fix

The story behind the quietly patched CVE-2018-3652

Ex-Intel security dragons have breathed fresh fire into the old maxim: if someone has physical access to your machine, you're pwned.

US-based Eclypsium, founded by former Chipzillans Yuriy Bulygin and Alex Bazhaniuk, confirmed this week it is possible to pull off a classic evil maid attack against Intel-powered servers and workstations by abusing a USB-based system debugging mode to commandeer a vulnerable box.

In effect, you can jam a widget into a vulnerable machine's USB port and run some crafty code to take over the system and install a rootkit, spyware, or whatever you like. This requires a special debug mode in the chipset to be enabled, and you to be left unattended with the box.

The exploitation of USB-based debugging to hijack systems has been previously documented. What's new here is that on Monday, Eclypsium blogged that Intel has issued a patch – specifically, an updated Direct Connect Interface policy – to thwart USB-based debugging attacks on certain Xeon-powered systems.

The vulnerability was designated CVE-2018-3652, and Chipzilla credited its discovery to Eclypsium principal researcher Jesse Michael, also ex-Intel.

Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it

READ MORE

"Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family can potentially allow a limited physical presence attacker to access platform secrets via debug interfaces," Intel noted in its advisory.

It added that client chips – such as those used in desktop PCs and laptops – should be unaffected because USB-based debugging is expected to be disabled by default. If in doubt, check your firmware settings.

According to Team Eclypsium, "debug access over USB enables installation of persistent rootkits in UEFI firmware and runtime SMM firmware on systems that do not securely set debug policy. This weakness would allow an attacker with physical access to the device to perform an 'Evil Maid' attack without opening the case."

Again, this particular attack is against Xeon-based systems, rather than Intel-powered client computers. For the latter, you'll have to pop the case, as demonstrated in this video.

That's what makes debug mode valuable: if it's enabled, “it is possible to halt the system inside SMM and make arbitrary changes to memory from that context. This grants complete control of highly privileged SMM execution to the attacker,” the Eclypsium team said. At that point, a miscreant has total control over the hardware.

According to the researchers, ensure in your firmware settings that CPU debugging is “disabled and locked,” and the Direct Connect Interface is disabled, because “if enabled, the chipset will provide debug capability over USB.”

If a target falls short on these controls, an attacker who can get near your gear can plug a cable into the USB port and pwn a machine with a script. “An attacker may infect firmware with their own malware or rootkit, and they can do it without opening the case," the team warned.

In short: it's not the end of the world, however, it's why physical security and UEFI settings matter. ®




Biting the hand that feeds IT © 1998–2018