New vulnerability in Intel processors with VISA
Processors based on the x86 architecture are incredibly large and complex, which makes it very difficult to design them without mistakes. This year, 2018, the Meltdown and Spectre vulnerabilities were discovered, as well as numerous problems in the Intel Management Engine, which shows the great complexity of these chips. Intel's x86 architecture is now facing a new, as yet unannounced vulnerability related to the Intel Visualization of Internal Signals Architecture (VISA) technology.
Major new vulnerability in Intel VISA
Black Hat researchers have discovered that the modern Platform Controller Hub (PCH) and the CPU contain a full-blown logic signal analyzer, which makes it possible to monitor the state of internal lines and buses in real time, a gold mine for researchers. A previously discovered vulnerability, INTEL-SA-00086, allowed the study of this technology, which is called the Intel Visualization of Internal Signals Architecture (VISA).
Black Hat researchers believe that VISA is used for verification on the chip manufacturing line, allowing custom rules to be created to capture and analyze signals. VISA documentation is subject to NDA and is not available to ordinary users. However, using publicly available methods, the full capabilities of this technology can be accessed on publicly available motherboards without any hardware modification.
Once access to VISA is obtained, the internal architecture of the PCH can be partially reconstructed, and dozens of devices can be discovered that are invisible to the user yet still able to access certain critical data. The Black Hat researchers aim to demonstrate how to read signals from internal PCH buses and other internal security-sensitive devices. They will abide by the 90-day grace period given to companies to fix vulnerabilities before releasing them.