Friday , June 6 2025
Intel

Intel PC, laptop and server processors affected for 6 years: Report

A new class of vulnerabilities in Intel processors, called Branch Predictor Race Conditions (BPRC), enables attackers to extract sensitive data from the cache and RAM of other users on the same hardware.

Source: Computer Security Group (COMSEC) at the Department of Information Technology and Electrical Engineering at ETH Zurich

Recent research by computer scientists from the Computer Security Group (COMSEC) at the Department of Information Technology and Electrical Engineering at ETH Zurich shows the vulnerabilities that can be exploited to misuse the prediction calculations of the CPU (central processing unit) in order to gain unauthorised access to information from other processor users.

Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

Cisco fixed a critical vulnerability in the Identity Services Engine (ISE) that could let unauthorized attackers carry out harmful actions....
Read More
Critical Cisco ISE flaw impacts cloud deployments on AWS, Microsoft Azure, and OCI

App builiding platform exposes over 3 million records, including PII

Cybersecurity researcher Jeremiah Fowler discovered an unprotected database with 3,637,107 records likely from a no-code app-building platform. The unprotected database,...
Read More
App builiding platform exposes over 3 million records, including PII

CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

IBM has issued a security advisory for vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. These...
Read More
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

ALERT
Thousands of IP addresses compromised nationwide: CIRT warn

As Bangladesh prepares for the extended Eid-ul-Adha holidays, the BGD e-GOV Computer Incident Response Team (CIRT) has issued an urgent...
Read More
ALERT  Thousands of IP addresses compromised nationwide: CIRT warn

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover....
Read More
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Kaveh Razavi, head of COMSEC said, “The security vulnerability affects all Intel processors,”. “We can use the vulnerability to read the entire contents of the processor’s buffer memory (cache) and the working memory (RAM) of another user of the same CPU.” The CPU uses the RAM (random access memory) and cache to temporarily store calculation steps and information that is likely to be needed next.

This vulnerability threatens data security, especially in cloud environments where users share hardware. It impacts the processors from the largest CPU manufacturer, used in PCs, laptops, and data center servers.

Nanosecond gap in authority check:

Sandro Rüegge examining the vulnerability in detail over the past few months said,”The so-called BPRC (Branch Predictor Race Conditions) emerge during a brief period of a few nanoseconds when the processor switches between prediction calculations for two users with different permissions.”

An attacker can exploit vulnerabilities in user privileges because permissions for actions are not stored simultaneously with calculations. By manipulating inputs, they can create confusion when switching users, leading to incorrect privilege assignments. This could allow them to read an information byte, which is made up of eight binary bits.

Unlocking entire contents of memory byte by byte:

Disclosing a single byte is minor, but the attack can be quickly repeated, allowing the entire memory to be read gradually, according to Rüegge. “We can trigger the error repeatedly to read over 5000 bytes per second.” Thus, during an attack, it’s only a matter of time before all CPU memory is compromised.

Part of a series of security vulnerabilities:

ETH Zurich researchers have identified a new vulnerability in speculative CPU technologies, which dates back to the mid-1990s. The first major vulnerabilities, Spectre and Meltdown, emerged in 2017, followed by various new variants. In 2022, former PhD student Johannes Wikner discovered Retbleed, which exploited speculatively executed instructions in the CPU’s cache to access other users’ information.

Suspicious signal reveals vulnerability:

Johannes Wikner said, “The starting point for the discovery of the new vulnerability class was work that followed on from the Retbleed investigations. “I examined the functions of the protective measures that Intel had introduced to patch up the Retbleed vulnerability.”

In doing so, he discovered an unusual signal from the cache memory that appeared regardless of whether the protective measures were enabled or disabled. Rüegge then took over detailed analysis of the cause of the signal and, based on this work, was able to uncover the new attack vector.

Fundamental architectural problem:

The vulnerability was discovered back in September 2024. Since then, Intel has put measures in place to protect its processors. However, it appears that the issue is more severe. “The series of newly discovered vulnerabilities in speculative technologies shows that there are basic flaws in the architecture,” Razavi points out. “We need to identify each gap and fix them.”

This requires a specific update to the processor’s microcode, which can be installed through a BIOS or operating system update that should be included in one of the latest cumulative updates from Windows.

Check Also

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking …

Leave a Reply

Your email address will not be published. Required fields are marked *