Remote hackers can modify CPU voltage to steal secrets from Intel SGX enclaves

An undocumented feature in Intel CPUs allows attackers to manipulate the voltage of Intel CPUs to trigger computational faults in a controlled manner. This can be used to defeat the security guarantees of the Intel SGX trusted execution environment, which is meant to protect cryptographic secrets and to isolate sensitive code execution in memory.

The Intel Software Guard Extensions (SGX) is a technology present in modern Intel CPUs that allow users to set up so-called enclaves where the CPU encrypts part of the memory and doesn’t allow any programs except those running inside the enclave to access it.

To read this article in full, please click here