A set of critical vulnerabilities were recently discovered in AMD’s Zen processor line not unlike Intel’s Meltdown/Spectre. Israeli based security researchers from CTS Labs had released a white paper reporting their findings and concerns while redacting any technical details to prevent their tests from being reproduced for malicious purposes. This article will cover a summarized version of what happened, the vulnerabilities, significance, and mitigation’s.
What happened?
Researchers from CTS Labs discovered several critical vulnerabilities and exploits in AMD’s processors lines EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile.
The vulnerabilities found were split into 4 categories. They are RYZENFALL, MASTERKEY, FALLOUT, and CHIMERA with each category containing a set of different vulnerabilities detailing what processor and/or chipset it affects, how it affects it, and what it can allow an attacker to do.
A graphical overview of the vulnerability categories can be found below: A full table of the vulnerabilities can be found in their white paper.
Th AMD Zen processing line is AMD’s “new generation of high-performance AMD computing products in 2017 and beyond.” by combining “the latest thinking in high-throughput and low-power design methodologies to create a balanced and versatile architecture right at home in the desktop, laptop, datacenter and supercomputer”. Contained within is the “AMD Secure Processor” which is a dedicated “hardware-based technology which enables secure boot up from BIOS level into the TEE”. It essentially is AMD’s specific form of secure boot giving the Zen processing line security by acting as the “ immutable Root of Trust for verifying the secure boot process”.
Its purpose is to mitigate multple threat scenarios that alter the boot stages by circumventing a security solution before it can take place, supply chain attacks to prevent malware infected ROMS from tampering with the BIOS, as well as others.
Despite it being responsible for security there are multiple vulnerabilities that malicious actors could take advantage of and exploit. According to CTS Labs, a malicious actor can exploit these vulnerabilities in order to:
Take control over Ryzen, and EPYC Secure Processors.
Take control over Ryzen Chipset.
Infect AMD chips with malware.
Steal credentials on high-security enterprise networks.
Evade virtually all endpoint security solutions.
Cause physical damage to hardware.
MASTERKEY Vulnerabilities
MASTERKEY is a set of three vulnerabilities allowing three distinct pathways to bypass Hardware Validated Boot on EPYC and Ryzen and achieve arbitrary code execution on the Secure Processor itself.
The vulnerabilities could potentially allow an actor to install malware into AMD’s Secure Processor, bypassing its security measures and tampering with BIOS, operating systems, and firmware security measures.
In order for an attacker to exploit MASTERKEY it requires them to re-flash the BIOS to inject an update containing malware. By using Secure Processor metadata it exploits one of the vulnerabilities and the ARM Cortex A5. The processor located inside the AMD Secure Processor is exploited using malware code compiled for it and by doing so it will pass a BIOS-specific digital signature check done by the Secure Processor.
The following vulnerabilities require some prerequisites for exploitation. These require a program running on a local-machine with administrator level privileges and it to be digitally signed by a vendor. This in turn allows supposedly protected memory regions to be accessed by kernel drivers and user programs. When exploited they can allow an attacker the ability to steal network credentials, inject malware, or disable protection against unauthorized BIOS flashing.
RYZENFALL
The RYZENFALL vulnerabilities are a set of design and implementation flaws inside AMD Secure OS – the operating system powering AMD Secure Processor on Ryzen, Ryzen Pro and Ryzen Mobile.
The CHIMERA vulnerabilities are an array of hidden manufacturer backdoors inside AMD’s Promontory chipsets. This vulnerability contains two different backdoors one implemented within the firmware and the other inside the ASIC hardware.
The Promontory chipset is powered or used by various Taiwanese OEMs hardware peripherals. These peripherals are recognized to have “sub-standard security and no mitigations against exploitation” making such backdoors possible. A possible backdoor allows malicious code to be executed inside the chipsets internal processor circumventing many security solutions. It could be exploited to re-flash the chip, then inject persistent or firmware-based malware to gain full control over the system. For example the operating system could be manipulated through the Direct Memory Access (DMA). Due to the malware being firmware-based it makes detecting and removing rather difficult.
Significance
The amount of users and organizations who are currently being affected by this is insurmountable. Any user or organization using the latest AMD servers, workstations, or laptops is affected by this. It puts these users and their data at risk with little detection and at the moment almost no protection. The potential economic loss for customers and AMD can only be speculated. On top of that the loss of confidence in AMD’s ability to secure their customers data or their hardware is being put to scrutiny. These vulnerabilities greatly increase the potential for APT’s to exploit and cause significant damage.
Mitigation’s
Since these vulnerabilities affect processors and chipsets they are able to circumvent a significant number of security controls in place. Until a patch comes into place, these systems will remain vulnerable. Even then a patch can not fix all the issues
MASTERKEY
Consult with your OEM manufacturer on ways to prevent unauthorized BIOS updates.
RYZENFALL
No complete mitigation. There is a partial solution by AMD giving the option to disable the Secure Processor in the BIOS. This does not stop RYZENFALL attacks.
FALLOUT
No known mitigation’s.
CHIMERA
No known mitigations. “ For the ASIC backdoors the issue could not be directly resolved, and the solution may involve either a workaround or a recall.”
CTS Labs were very critical about the security quality controls currently in place. Some of these concerns were “The Ryzen and Ryzen Pro chipsets, currently shipping with exploitable backdoors, could not have passed even the most rudimentary white-box security review.“ and “ Furthermore, neither the Security Processor nor the Chipset offer any significant mitigations against exploitation should a vulnerability be discovered“.
Conclusion
With the discovery of these new vulnerabilities and Metldown/Spectre, it seems that processor based attacks may become more apparent by advanced persistent threats (APTs). While we can only analyze the information given it seems that these vulnerabilities with the proper testing and quality controls could have been mitigated or ultimately prevented. In a market dominated by these processor lines we need to put more focus on security in design and hold those who advocate against it, responsible. This is more than just an inconvenience. With these issues now in the light hopefully what CTS Labs main goal from this release can be obtained.
We urge the security community to study the security of these devices in depth before allowing them on mission-critical systems that could potentially put lives at risk.
