Cryptographic timing conditions in the subsystem for Intel(R) PTT prior to 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; Intel(R) TXE 3.1.70 and 4.0.20; Intel(R) SPS prior to SPS_E5_04.01.04.305.0, SPS_SoC-X_04.00.04.108.0, SPS_SoC-A_04.00.04.191.0, SPS_E3_04.01.04.086.0, SPS_E3_04.08.04.047.0 may allow an unauthenticated user to potentially enable information disclosure via network access.
| Vulnerable Product |
|---|
| intel platform trust technology firmware |
| intel server platform services firmware |
| intel trusted execution engine firmware |
You know what they say: Timing is... everything

True to its name, Intel CPU flaw ZombieLoad comes shuffling back with new variant

Trusted Platform Modules, specialized processors or firmware that protect the cryptographic keys used to secure operating systems, are not entirely trustworthy. Boffins from the Worcester Polytechnic Institute and University of California, San Diego, in the US, and the University of Lübeck in Germany, have found that TPMs leak timing information that allows the recovery of the private keys used for cryptographic signatures. In a paper [PDF] published on Tuesday, "TPM-FAIL: TPM meets Timing and...