Intel Skylake, Kabylake Vulnerable to USB Port Debugging Exploit, Says Research

Jan 12, 2017

With every generational leap in hardware technology, new security factors come forward. Most of them enhance protection; a few, however, allow exploitation at a deeper level. Recent research says Intel Skylake and Kaby Lake processors are vulnerable to a USB port debugging exploit.

The claim comes from a pair of researchers at Positive Technologies, who say the exploit can allow an attacker to take full control of a system. According to the research, the affected Intel processors start with Skylake and presumably include Kaby Lake, though the researchers do not mention a specific 7th generation CPU.

The research says that Intel U-series processors have a debugging interface that is accessible through USB 3.0 ports, and that this is the potential source of the exploit.

As for the tools, resources and equipment an attacker needs, the research says:

"These manufacturer-created hardware mechanisms have legitimate purposes, such as special debugging features for hardware configuration and other beneficial uses. But now these mechanisms are available to attackers as well. Performing such attacks does not require nation-state resources or even special equipment."

Regarding the severity of the attack, the research says an attacker could use the vulnerability to spy on a user and access their data, or even prevent the system from running by rewriting its BIOS, so that the user cannot proceed further.

The research points to the main problem: the JTAG (Joint Test Action Group) debugging interface. It works below the software layer, so that troubleshooters can perform hardware debugging on the OS kernel and drivers.

The interesting thing here is that the new generation of processors allows debugging via USB 3.0 ports, which gives direct access to JTAG through the Direct Connect Interface (DCI). In the generations before Skylake, this was done through a special device or equipment.

Previously, it required interfacing with the motherboard's debugging port (ITP-XDP), but things are much easier now. You plug in via USB, you initiate the exploit, easy.

The research further sheds light on how the exploit can occur. All an attacker needs is for the DCI interface to be enabled. This technically is enabled by default, so an attacker no longer requires hardware or software tricks.

Maxim Goryachy and Mark Ermolov discovered the security flaw and remain highly concerned about how easily the exploit can occur. However, the research says that only Intel U-series systems, including laptops and NUCs, remain highly prone to an attack.
