Ben Fox Rubin/CNET



Security researchers have discovered a hole in the read-only memory (ROM) of Intel chips and believe that it cannot be repaired, leaving all Intel devices except 10th-generation devices exposed. The discovery, announced Thursday by security firm Positive Technologies, points to a bug in Intel’s boot ROM that leaves every system with the problem susceptible to a hack.

The vulnerability was found in the ROM of Intel’s Converged Security and Management Engine (CSME), Mark Ermolov, Positive Technologies’ senior hardware and operating system security specialist, said in a blog post. Ermolov says that the problem “jeopardizes everything that Intel has done to generate the root of trust and to establish a solid base of security in the platforms of the company.”

“The problem is not only that it is impossible to correct the errors of the firmware which are encoded in the ROM mask of the microprocessors and chipsets,” adds Ermolov. “The biggest concern is that, because this vulnerability allows compromising the hardware, the chain of trust for the platform as a whole is destroyed.”

When the group contacted Intel, they were told that the chip giant was already aware of the problem.

The CSME is responsible for the initial authentication, loading and verification of the firmware on Intel-based devices. A compromise this early in the boot process could expose the computer to the point where, in a worst-case scenario, according to the group, “hardware IDs will be forged, digital content will be extracted, and data from encrypted hard drives will be decrypted.”

Intel updated a patch to fix some of the vulnerabilities earlier this year, crediting Positive Technologies in its acknowledgments, but researchers believe the hole cannot be fully fixed.

Positive Technologies says that this hole is present in all Intel chips except the 10th generation, and emphasizes that it believes that “there must be many ways to exploit this vulnerability in the ROM,” some of which “may need local access,” such as malware, while others will need “physical access” to attack the computer in question.

Intel has not yet responded to a request for information in this regard.