PLATYPUS: a new threat affecting Intel and AMD CPUs

by | Nov 13, 2020

ETIQUETAS: Hot news | Security

A new side channel attack threatens Intel and AMD CPUs. It has been discovered by a group of Austrian researchers from the Graz University of Technology. They have called it PLATYPUS and it allows exploiting variations in processor power consumption to access confidential data. One of the characteristics that differentiate this attack from other similar ones is that it does not require physical access to the server, desktop or laptop.

This vulnerability opens the door for an unprivileged user to steal data by reconstructing the information received through the RAPL power monitoring interface. This interface is included in the Intel CVE-2020-8694, CVE-2020-8695 and AMD CVE-2020-12912 processors.

Linux operating systems are more vulnerable to PLATYPUS, as the kernel’s Powercap framework allows users without administrator permissions to access RAPL counters. In this way, CPU and DRAM consumption is exposed to possible tracing. Carrying out this attack on Windows and macOS systems requires additional effort, as the Inter Power Gadget package needs to be installed, which requires privileged access.

Both Intel and AMD, as well as the developers of the Xen hypervisor, have already released patches to prevent their products from being affected by this attack.

More information at this link.

SHARE

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts

On-premises vs. cloud: Which is better for your business?

The choice of technology infrastructure is crucial for the growth and competitiveness of businesses. This article analyzes the advantages and disadvantages of “on-premises” and “cloud computing” models, focusing on aspects such as costs, scalability, security, and management.

Archives

Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content