Security researchers have determined a previously unknown feature in the Intel chipsets that could permit an attacker to intercept statistics from the computer reminiscence. The function referred to as Intel Visualization of Internal Signals Architecture (Intel VISA) is an application bundled through the chipmaker for testing on the manufacturing lines. Although Intel doesn’t publicly disclose the life of the Intel VISA and is extraordinarily secretive about it, the researchers were able to locate numerous methods to enable the function at the Intel chipsets and seize the information from the CPU
According to a presentation by researchers Mark Ermolov and Maxim Goryachy of Positive Technologies at the continuing Blackhat Asia 2019 convention in Singapore, their exploits of the Intel chipsets don’t require any hardware changes or unique equipment. However, one of the techniques shared by the researchers worried about vulnerabilities specific to the Intel-SA-00086 advisory, which provides access to Intel Management Engine (Intel ME) and, in turn, helps allow VISA. Access to Intel VISA makes the laptop’s information vulnerable and obtainable to the attacker.
Intel underplayed the make the most and informed ZDNet that the VISA trouble requires bodily access to the machines, and the Intel-SA-00086 vulnerabilities have already been mitigated. The researchers, however, disagreed with Intel’s comments and reportedly said in an internet dialogue that the patched Intel firmware might be downgraded using Intel ME, making the chipset prone and establishing the door for accessing Intel VISA.
Mark Ermolov also mentioned that the vulnerabilities in Intel-SA-00086 are just one approach to obtaining a visa. Other methods, including Orange Mystery and Intel JTAG passwords, are also available. The technical details of those exploits may be observed in the presentation slides shared on the Blackhat Asia website.