On May 21st, two vulnerabilities (CVE-2018-3640 – Variant 3A- Rogue System Register Read and CVE-2018-3639 – Variant 4 – Speculative Store Bypass) were publicly disclosed. These vulnerabilities indicate new variants of the Spectre and Meltdown class of hardware vulnerabilities and use “side-channel attacks” against speculative execution on many CPU architectures. Each of the vulnerabilities, Variants 3a and 4, attempt to exploit AMD, ARM and Intel CPUs. The effects vary from vendor to vendor. Details are scarce at this time on how an attacker would use these vulnerabilities in practical attacks.
A “side-channel attack,” targets the implementation of a computer system rather than the actual implemented software or algorithm. The Spectre and Meltdown class of vulnerabilities use cache side-channel attacks, or monitor the cache within CPUs, to gain access to sensitive information that was previously unavailable through normal access. Variant 3a uses a method of exploitation known as “Rogue System Register Read,” while Variant 4 uses an attack called speculative store bypass. Both vulnerabilities are highly complex and take advantage of various features of the “speculative execution” within various CPU architectures. Both if executed properly could result in unauthorized access to information within a system’s memory, such as passwords or other sensitive data.
The Proficio Threat Intelligence Recommendations:
- Stay tuned for any type of practical attack that is being carried out in the wild against organizations leveraging these vulnerabilities. Note that these are difficult and complex vulnerabilities to leverage in practical attacks.
- Apply standard patches and updates to both hardware, software, and operating systems that would mitigate risks of these vulnerabilities.
General Info – Click Here