Intel Skylake and Kaby Lake systems are vulnerable to a USB debugging exploit

Intel Skylake and Kaby Lake systems are vulnerable to a USB debugging exploit

| Source: hothardware Author: Mark Campbell

Intel Skylake and Kaby Lake systems are vulnerable to a USB debugging exploit

Researchers at Positive Technologies have now claimed that Intel's U-Series Skylake and Kaby Lake series processors are vulnerable to a USB debugging bypass which could be used to attack systems.

This vulnerability allows attackers to bypass security mechanisms by using a debugging interface exploit, which allows attackers to install malicious code, rewrite firmware and even rewrite your system's BIOS. This bug affects any system with a Skylake CPU that has a debugging interface that is accessible via USB 3.0. What is most scary about this exploit is that it is currently undetectable using existing security tools.

This mechanism can be used on a hacked system regardless of the OS installed. The DCI can be used on any system with Intel U-series processor

In the past, this kind of debugging was done using a special device which used a motherboard's specialised debugging port (which has a specialised connector), though since Skylake Intel has moved to a direct contact interface (DCI) that provides access to the JTAG (Joint Test Action Group) debugging interface through USB 3.0.

An attacker could change the BIOS configuration (for example, by using a Flash memory programmer) when they have physical access to the equipment during manufacturing, storage or usage. Some BIOSs do not block the DCI configuration which is why there is the possibility of turning on the DCI,

This vulnerability can lead to a whole new range of "BadUSB" style attacks, not only being usable to corrupt systems but to infect them with Malware, spying tools and a seemingly limitless amount of other unwanted malware.

Thankfully this vulnerability has already been reported to Intel, though at this time this exploit leaves all systems with Intel U-series CPUs vulnerable, regardless of the OS or software used.

You can join the discussion on Intel's U-Series CPU vulnerability on the OC3D Forums. Find all of the latest PC hardware and gaming news on the OC3D Homepage.

1 - Intel Skylake and Kaby Lake systems are vulnerable to a USB debugging exploit 2 - Intel Skylake and Kaby Lake systems are vulnerable to a USB debugging exploit «Prev 1 2 Next»

Most Recent Comments