Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack

Treck IP stack implementations for embedded systems are affected by multiple zero-day vulnerabilities. Total 19 vulnerabilities  in a widely used low-level TCP/IP software library developed by Treck, Inc have been discovered by the JSOF research lab, who calls them Ripple20.  Treck TCP/IP Stack  Treck IP network stack is designed for and used in a variety of embedded systems. The software is often licensed and integrated … Continue reading “Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack”

Thunderspy attacking Thunderbolt enabled PCs

Summary: In February 2020, researchers reached out to Intel with a report on Thunderbolt, which they refer to as “Thunderspy”. The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and it affects any PC manufactured before 2019. Description: This Vulnerability is in fact new, and their … Continue reading “Thunderspy attacking Thunderbolt enabled PCs”

Intel Processors CacheOut Vulnerability

Summary: Intel(R) Processors suffer from information disclosure vulnerability via Cache Evictions named as CacheOut Vulnerability.  An issue was discovered in Intel processors due to Cleanup errors in some data cache evictions that allow an authenticated user to potentially enable information disclosure via local access. This was assigned under CVE-2020-0549. Description: Recently, researchers have discovered vulnerability … Continue reading “Intel Processors CacheOut Vulnerability”

L1 Terminal Fault /Foreshadow Attack aka L1TF Attack

A new class of hardware vulnerabilities have been discovered in Intel processors. Upon exploitation a malicious code can achieve information disclosure that can be used for further exploitation .This vulnerability affects Intel Core processors and Intel Xeon processors, please check here for a complete list of affected processors . Intel has addressed this issue in INTEL-SA-00161. … Continue reading “L1 Terminal Fault /Foreshadow Attack aka L1TF Attack”

Intel LazyFP Vulnerability : CVE-2018-3665

An information disclosure vulnerability has been disclosed in Intel Microprocessors. Lazy restored FP states are susceptible to speculative execution cache side-channel attacks, A process can infer FPU registry (AVX, MMX and SSE) values of other processes. CVE-2018-3665 has been assigned to track this issue. It does not affect AMD processors. Intel has addressed this vulnerability in … Continue reading “Intel LazyFP Vulnerability : CVE-2018-3665”

Speculative Execution Vulnerability

In January 2018 a new class of vulnerabilities were discovered in speculative execution. They were termed Spectre and Meltdown. Adding to this list, two new vulnerabilities have been disclosed. They affect Intel,ARM and AMD processors. Please refer to their respective advisories for affected processor models. Rogue System Register Read: A new subvariant of Rogue Data Cache … Continue reading “Speculative Execution Vulnerability”

Mishandling of Debug Exceptions Leading to Elevation of Privilege : CVE-2018-8897

An elevation of privilege attack was discovered in the stack change mechanism in Intel and AMD. On exploitation an attacker can execute user level code in kernel context or cause DoS. The vulnerability resulted due to misinterpretation of the documents describing the stack change process. CVE-2018-8897 has been assigned to track this vulnerability. The researchers … Continue reading “Mishandling of Debug Exceptions Leading to Elevation of Privilege : CVE-2018-8897”

Out-of-Order Execution Side-Channel attack [Spectre/Meltdown]

A flaw in Out-of-Order execution mechanism allows user level programs to leak addresses of kernel and process memory space. This vulnerability can be exploited to bypass KASLR as well as CPU security features like SMAP,SMEP,NX and PXN. It can be exploited to bypass OS process isolation. The issue affects processors from Intel, AMD ,ARM, Samsung and … Continue reading “Out-of-Order Execution Side-Channel attack [Spectre/Meltdown]”

Intel Firmware Remote Code Execution Vulnerabilities

Several vulnerabilities were discovered in Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE). The vulnerabilities were discovered as a result of an in-house security review of the products in question and input from external researchers. The vulnerabilities are mostly buffer overflows leading to arbitrary code execution and privilege … Continue reading “Intel Firmware Remote Code Execution Vulnerabilities”