Intel data center SSD drives allow hackers to take complete control of servers

Since 2018 multiple digital forensics specialists started to reveal the existence of severe Spectre and Meltdown vulnerabilities, which affect Intel’s advanced processors. Now, new researches have uncovered new flaws in the company’s software.

The new vulnerabilities, discovered by Eclypsium firm specialist Jesse Michael and internal Intel staff, significantly affect the Intel processor diagnostic tool, as well as and another flaw in the Intel processor data center of solid-state drives.

The vulnerability in the processor diagnostic tool, tracked as CVE-2019-11133, would allow an authenticated user to generate an escalation of privileges, access sensitive information, or perform denial of service (DoS) attacks using a local access. The vulnerability received an 8.2/10 score on the Common Vulnerability Scoring System (CVSS) scale.

The second vulnerability is present on Intel’s S4500 and S4600 series solid-state drives. If exploited, this flaw would allow an unauthenticated threat actor to scale privileges on the system through a physical access point; the vulnerability received a score of 5.3/10 on the CVSS scale, so it is not considered a critical flaw.

Intel received reports from the digital forensics expert and was able to release the corresponding update patches before the 90-day deadline for vulnerability public disclosure.

Intel has received multiple bug reports recently. A few weeks ago it was revealed that there were multiple flaws in the firmware of NUC, the minicomputer developed by Intel, in addition to critical flaws in other developments of the company, such as computer cards and RAID 3 web consoles; in total, Intel has fixed 25 critical vulnerabilities so far this year.

According to digital forensics specialists from the International Institute of Cyber Security (IICS) the presence of so many vulnerabilities is an indicator of how little-updated the company’s security strategy is, although considerable efforts are being made in the release update patches, experts believe it is necessary to review the company’s security approach completely, otherwise increasingly serious security threats could appear in the future.