MDS Attacks [ZombieLoad, RIDL, and Fallout] — A new class of Spectre-style flaws discovered in #Intel CPUs that affects almost every processor since 2011, allowing attackers to steal sensitive data across processes, privilege boundaries and Hyperthreads.

https://thehackernews.com/2019/05/intel-processor-vulnerabilities.html

💻 SWAPGS Attack [CVE-2019-1125]

A new Spectre (v1) like side-channel vulnerability affects all modern #Intel CPUs that leverage speculative execution.

https://thehackernews.com/2019/08/swapgs-speculative-execution.html

According to Microsoft & Red Hat advisories, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens and encryption keys, that would otherwise be inaccessible.

⚠️ TPM-Fail(ed)

New potentially serious CPU vulnerabilities could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based #Intel TPMs.

Read more: https://thehackernews.com/2019/11/tpm-encryption-keys-hacking.html

➡️ CVE-2019-11090
➡️ CVE-2019-16863

Researchers uncover 'UEFIcanhazbufferoverflow' (CVE-2024-0762), a security flaw in Phoenix SecureCore UEFI firmware affecting multiple #Intel processor families.

Learn more: https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html