Yesterday CTS-Labs, a security company based in Israel, posted their whitepaper on 13 critical security vulnerabilities in AMD Ryzen and EPYC processors. The company was founded in 2017 and this is their first public report. There are four classes of vulnerabilities with a few variations each. AMD’s Secure Processor and the Promontory chipset are the components targeted. There are quite a few interesting details around the disclosure itself, but let’s look at the vulnerabilities first.
Masterkey
Masterkey has three variants, and the exploit allows arbitrary code execution within the Secure Processor. The Secure Processor is an ARM Cortex-A5 core sitting inside Ryzen and EPYC processors. This attack targets Hardware Validated Boot (HVB), a crucial part of AMD’s secure boot.
The impact of Masterkey is that security features could be disabled, such as the Firmware Trusted Platform Module (fTPM) or Secure Encrypted Virtualization (SEV), and that persistent malicious code could be installed inside the Secure Processor.
To carry out a Masterkey attack, the attacker needs to re-flash the BIOS with corrupted firmware. CTS-Labs says: “MASTERKEY can often be exploited as part of a remote cyber-attack. Most EPYC and Ryzen motherboards on the market use a BIOS by American Megatrends that allows easy re-flashing from within the operating system using a command-line utility. Such utility could be used by remote attackers in the course of a cyber-attack.”
Ryzenfall
The Ryzenfall vulnerabilities allow the Secure Processor to be taken over by malware running on the main processor. The Secure OS is only found on Ryzen, Ryzen Pro and Ryzen Mobile. One of the primary features implemented on top of the Secure OS is AMD’s Firmware Trusted Platform Module (fTPM), which is responsible for secure storage of passwords and cryptographic secrets.
To deploy a Ryzenfall exploit, the attacker needs to be able to run a program with local-machine elevated administrator privileges, and the attack goes through a digitally signed, vendor-supplied driver.
Fallout
The Fallout vulnerabilities are found in EPYC processors only. This class of attack targets the boot loader of the Secure Processor, which is responsible for Hardware Validated Boot and for launching the Secure Processor for Secure Encrypted Virtualization.
As with Ryzenfall, the attacker needs to be able to run a program with local-machine elevated administrator privileges, and the attack goes through a digitally signed, vendor-supplied driver.
Chimera
Chimera targets the Promontory chipsets of Ryzen and Ryzen PRO processors. CTS-Labs says: “The backdoors outlined in this section provide multiple pathways for malicious code execution inside the chipset’s internal processor. Because the chipset is a core system component, running malware inside the chip could have far reaching security implications.”
They were able to execute their own code inside the chipset and use it to manipulate the operating system running on the main processor. As with the other classes, the attacker needs to be able to run a program with local-machine elevated administrator privileges, and the attack goes through a digitally signed, vendor-supplied driver.
Concerning details
CTS-Labs was founded in 2017 and this is their first public disclosure. That does not by itself mean a new company should be distrusted, but there are a few details worth noting. In AMD’s reply to the vulnerabilities they said that the company was previously unknown to AMD.
The usual procedure when a security vulnerability is found is that the company or lab sends its findings to the manufacturer and waits at least 90 days before publishing. This gives the manufacturer time to investigate the vulnerability and fix it before it becomes public.
CTS-Labs only gave AMD 24 hours, basically nothing, and upon reaching the deadline they posted the vulnerabilities. A typical whitepaper includes exact methods to reproduce the successful exploits; in this case there are none.
The preconditions of the exploits are interesting as well. If someone is already able to re-flash the BIOS, they can clearly do much more without installing a malicious BIOS update. Many details remain murky, so take all of this information with a grain of salt until there are official confirmations.
AMD’s statement
“We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise.”
AMD finished the investigation
AMD confirmed the exploits reported by CTS-Labs and published a blog post with their results. Patches are coming soon (probably this week) in the form of firmware and BIOS updates. You can read the full post on their site.
Sources: amdflaws.com, AMD, anandtech.com