Intel's VISA ME Debugging Architecture Exploit
https://www.zdnet.com/article/researchers-discover-and-abuse-new-undocumente... https://www.intel.com/content/www/us/en/support/articles/000025619/software.... https://www.blackhat.com/asia-19/briefings/schedule/#intel-visa-through-the-... At the Black Hat Asia 2019 security conference, security researchers from Positive Technologies disclosed the existence of a previously unknown and undocumented feature in Intel chipsets. Called Intel Visualization of Internal Signals Architecture (Intel VISA), Positive Technologies researchers Maxim Goryachy and Mark Ermolov said this is a new utility included in modern Intel chipsets to help with testing and debugging on manufacturing lines. VISA is included with Platform Controller Hub (PCH) chipsets part of modern Intel CPUs and works like a full-fledged logic signal analyzer. According to the two researchers, VISA intercepts electronic signals sent from internal buses and peripherals (display, keyboard, and webcam) to the PCH -- and later the main CPU. Unauthorized access to the VISA feature would allow a threat actor to intercept data from the computer memory and create spyware that works at the lowest possible level. But despite its extremely intrusive nature, very little is known about this new technology.
participants (1)
-
grarpamp