Flaw found in Trusted Platform Module of AMD CPUs

Posted on Saturday, January 06 2018 @ 18:59 CET by Thomas De Maesschalck
Google security researcher Cfir Cohen discovered a vulnerability in the fTPM (firmware TPM) of AMD's Platform Security Processor (PSP). The PSP is a hidden layer that runs on AMD processors, similar to Intel's controversial Management Engine.

While the flaw enables nasty stuff, the risk to the average user is very low, as attackers need physical access to the motherboard to modify the SPI-Flash:
In an email to The Register, Dino Dai Zovi, cofounder and CTO of security biz Capsule8, said the vulnerability isn't quite subject to remote execution "since the crafted certificate that exploits the vulnerability needs to be written to NVRAM, the attacker must already have privileged access to the host or physical access. It would let an attacker bypass secure/trusted boot, which is performed by the TPM."

An AMD spokesperson told The Register that an attacker would first have to gain access to the motherboard and then modify SPI-Flash before the issue could be exploited. But given those conditions, the attacker would have access to the information protected by the TPM, such as cryptographic keys.
The Register has more details over here. An update to resolve this vulnerability will be issued later this month.
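To make the stated impact concrete (bypassing trusted boot gives access to the keys the TPM protects), here is an added toy model, not code from the article or from AMD, of how a TPM extends PCRs during measured boot and how a secret sealed to those PCRs only unseals when the boot chain matches. All component names, the storage key and the disk key below are constructed sample values.

```python
"""Toy model of TPM measured boot and PCR-bound sealing.

Added educational example (not from the article or AMD): it mimics with
hashlib/hmac how a TPM extends a PCR and binds a sealed secret to it.
If the TPM firmware itself is compromised (the fTPM is software running on
the PSP), the PCR values it reports can no longer be trusted, and this
check no longer protects the secret; that is the impact the article names.
"""
import hashlib
import hmac

PCR_INITIAL = bytes(32)  # TPM PCRs start out as all-zero

# Constructed sample boot chains and keys (not real firmware measurements).
TRUSTED_CHAIN = [b"PSP bootloader v1", b"UEFI firmware v1", b"OS loader v1"]
TAMPERED_CHAIN = [b"PSP bootloader v1", b"UEFI firmware (modified)", b"OS loader v1"]
STORAGE_KEY = b"\x11" * 32  # stands in for the TPM's internal storage root key
DISK_KEY = b"disk-encryption-key-0123456789abcdef"  # the secret we seal


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend operation: PCR' = H(PCR || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_boot_chain(components) -> bytes:
    """Extend a single PCR with every boot component in order."""
    pcr = PCR_INITIAL
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def _derive(pcr_value: bytes, storage_key: bytes, length: int):
    """Derive the sealing key and a keystream from the storage key and PCR."""
    k = hmac.new(storage_key, b"seal" + pcr_value, hashlib.sha256).digest()
    blocks = (length + 31) // 32
    stream = b"".join(
        hashlib.sha256(k + i.to_bytes(4, "big")).digest() for i in range(blocks)
    )
    return k, stream[:length]


def seal(secret: bytes, pcr_value: bytes, storage_key: bytes) -> bytes:
    """Bind a secret to a PCR value: encrypt under a PCR-derived key and tag it."""
    k, stream = _derive(pcr_value, storage_key, len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    tag = hmac.new(k, ct, hashlib.sha256).digest()
    return ct + tag


def unseal(blob: bytes, pcr_value: bytes, storage_key: bytes):
    """Return the secret only if the current PCR matches the one sealed to."""
    ct, tag = blob[:-32], blob[-32:]
    k, stream = _derive(pcr_value, storage_key, len(ct))
    if not hmac.compare_digest(hmac.new(k, ct, hashlib.sha256).digest(), tag):
        return None  # PCR mismatch: the boot chain changed, refuse to unseal
    return bytes(a ^ b for a, b in zip(ct, stream))


def demo():
    """Seal to the trusted chain, then try honest and tampered boots."""
    golden = measure_boot_chain(TRUSTED_CHAIN)
    blob = seal(DISK_KEY, golden, STORAGE_KEY)
    honest = unseal(blob, measure_boot_chain(TRUSTED_CHAIN), STORAGE_KEY)
    tampered = unseal(blob, measure_boot_chain(TAMPERED_CHAIN), STORAGE_KEY)
    return honest, tampered


if __name__ == "__main__":
    honest, tampered = demo()
    print("trusted boot unseals key:", honest == DISK_KEY)
    print("modified firmware unseals key:", tampered is not None)
```

The model shows what an intact TPM guarantees: a single changed firmware component yields a different PCR, so the sealed key stays locked. It also shows why the reported impact is severe: the guarantee rests entirely on the TPM reporting honest PCR values, which a compromised fTPM no longer does.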


About the Author

Thomas De Maesschalck

Thomas has been messing with computers since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.
