Featured in this episode of Chaos Lever
Two researchers from the University of Birmingham in England have developed an attack which can be used to compromise the Software Guard Extensions (SGX) feature on an Intel server. The attack uses control of the voltage regulator to modify cryptographic processes. Since the SGX doesn’t know about the firmware controlling baseboard components like the voltage regulator, it can’t detect the malicious attack.
Fortunately, the attack does require access to the board management controller (BMC) of the server, which is usually attached to a network that is physically segmented from the rest of the data center. Malicious firmware is injected into the BMC and used to manipulate the voltage.
In addition to breaking the SGX encryption, the voltage can also be used to overvolt the server, permanently bricking it. The duo have titled the attack PMFault, which is not nearly as cool as PM Dawn, the criminally underrated band from the mid-90s.