Researchers have discovered another interesting vulnerability in the line of speculative execution attacks in Intel processors. This vulnerability has been named Load Value Injection (LVI), and is tracked as CVE-2020-0551. LVI is a new class of side-channel attacks that abuses microarchitectural flaws in processors to steal data. Modern processors resistant to Meltdown, Foreshadow, ZombieLoad, RIDL […]

Read More →

Researchers have uncovered a serious vulnerability (CVE-2019-0090) in Intel’s CSME, which is unfixable and allows compromise of the hardware too. Intel CSME is known as the ‘root of trust‘. The vulnerability specifically lies in the ROM of the Intel Converged Security and Management Engine (CSME) and weakens the security foundation of Intel processors. Intel had […]

Read More →

Intel patched a high severity bug in CSME subsystem which allows an attacker to carry out privilege escalation, information disclosure and denial of service. Intel Converged Security and Management Engine (CSME) is a chipset subsystem which powers Intel’s Active Management technologies. CSME is used for remote out-of-band management in consumer or corporate PCs, Internet of […]

Read More →

Two new critical vulnerabilities have been discovered affecting every processor since 1995, which allow malicious programs to steal information from other programs memory. These vulnerabilities are named as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Meltdown and Spectre vulnerabilities affect all processors since 1995 including AMD, ARM, and Intel.¬†These vulnerabilities allow an attacker to access […]

Read More →