Intel's VISA ME Debugging Architecture Exploit
grarpamp
grarpamp at gmail.com
Fri Mar 29 15:56:17 PDT 2019
https://www.zdnet.com/article/researchers-discover-and-abuse-new-undocumented-feature-in-intel-chipsets/
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
https://www.blackhat.com/asia-19/briefings/schedule/#intel-visa-through-the-rabbit-hole-13513
At the Black Hat Asia 2019 security conference, security researchers
from Positive Technologies disclosed the existence of a previously
unknown and undocumented feature in Intel chipsets. Called Intel
Visualization of Internal Signals Architecture (Intel VISA), Positive
Technologies researchers Maxim Goryachy and Mark Ermolov said this is
a new utility included in modern Intel chipsets to help with testing
and debugging on manufacturing lines. VISA is included with Platform
Controller Hub (PCH) chipsets part of modern Intel CPUs and works like
a full-fledged logic signal analyzer. According to the two
researchers, VISA intercepts electronic signals sent from internal
buses and peripherals (display, keyboard, and webcam) to the PCH --
and later the main CPU. Unauthorized access to the VISA feature would
allow a threat actor to intercept data from the computer memory and
create spyware that works at the lowest possible level. But despite
its extremely intrusive nature, very little is known about this new
technology.
More information about the cypherpunks
mailing list