ThunderSpy
Attacker Value: Very Low (3 users assessed)
Exploitability: Very Low (3 users assessed)
Description
A combination of vulnerabilities in the Thunderbolt protocol has been announced that allows a malicious actor with physical access to most machines with a Thunderbolt port to bypass the security restrictions on the device.
Ratings
- Attacker Value: Very Low
- Exploitability: Very Low
Technical Analysis
The risks of DMA attacks over PCI-Express have been known for quite some time. Every PCIe device can potentially access physical memory inside a machine and exfiltrate private data like encryption keys or passwords. Modifications are also possible. As Thunderbolt has the capability to tunnel PCIe traffic, this is also possible for external Thunderbolt devices. One of the countermeasures implemented in the Thunderbolt controllers against unknown devices behaving maliciously is to block them entirely by employing a user-configurable whitelist.
The presented vulnerabilities affect these security measures and allow an attacker to authenticate malicious devices, which can then be used to perform subsequent DMA attacks. The Thunderbolt controller responsible for authenticating the devices has its own microcontroller and runs firmware from a small SPI flash chip, usually sitting next to it on the circuit board. The whitelist is stored on this SPI flash chip as well.
If the attacker has physical access to a machine, he can disassemble it, locate the flash chip and read or write it using an external device to tamper with the firmware or the whitelist stored on it.
After managing to authenticate a malicious Thunderbolt device, it is possible to access the main physical memory of the machine using DMA transfers over PCIe. This issue has been known for some time and there are other countermeasures in place to prevent malicious DMA accesses. To restrict devices on a PCIe bus from accessing whatever memory they want, the system firmware or operating system can configure the IOMMU to restrict which memory regions can be accessed. This is the responsibility of the software running on the system, which currently only macOS seems to do by default. Also, as an IOMMU is a piece of hardware, it needs to be supported by the platform.
Possible mitigations against the attacks:
- Don’t let anybody disassemble your machine
- Disable the Thunderbolt controller completely in the BIOS – this means disabling the PCIe device, not only setting the security level to passthrough as this setting can be bypassed using the attack
- Only attach trusted devices to your machine
- Consult the documentation of your hardware and operating system on how to configure the IOMMU correctly to prevent malicious DMA memory accesses
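As an added example (not code from the assessment above, nor from the Thunderspy researchers), the following POSIX shell script checks the last two mitigations on a Linux host: it reads the Thunderbolt security level, whether the firmware enabled Kernel DMA Protection through the IOMMU, and which attached devices are currently authorized, from the sysfs attributes exposed by the in-kernel thunderbolt driver. The sysfs layout it relies on and the constructed sample tree are assumptions; `SYSFS_ROOT` lets you point it at such a tree to run it offline.

```shell
#!/bin/sh
# Added example, not from the assessment above: audit a Linux host's
# Thunderbolt posture from sysfs. Assumed layout (in-kernel thunderbolt
# driver): /sys/bus/thunderbolt/devices/domainN/security holds the security
# level, domainN/iommu_dma_protection (kernel 4.18+) reports whether the
# firmware enabled Kernel DMA Protection, and each attached device directory
# (e.g. 0-1) carries authorized, vendor_name and device_name attributes.
# SYSFS_ROOT may point at a constructed tree so the checks run offline.

SYSFS_ROOT="${SYSFS_ROOT:-/sys}"

# Print a sysfs attribute without its trailing newline, or "absent".
tb_attr() {
    if [ -r "$1" ]; then tr -d '\n' < "$1"; else printf 'absent'; fi
}

# Security level of a domain: none, user, secure, dponly, usbonly or nopcie.
tb_security_level() {
    tb_attr "$SYSFS_ROOT/bus/thunderbolt/devices/$1/security"
}

# "1" when the platform reports IOMMU-based DMA protection for the domain.
tb_iommu_protected() {
    if [ "$(tb_attr "$SYSFS_ROOT/bus/thunderbolt/devices/$1/iommu_dma_protection")" = 1 ]; then
        echo 1
    else
        echo 0
    fi
}

# Classify a domain. The whitelist alone ("user"/"secure") is what Thunderspy
# defeats by rewriting the controller's SPI flash, so it only rates
# "whitelist-only"; IOMMU protection or no PCIe tunnelling at all rates "ok".
tb_verdict() {
    level=$(tb_security_level "$1")
    iommu=$(tb_iommu_protected "$1")
    case "$level" in
        absent) echo no-thunderbolt ;;
        dponly|usbonly|nopcie) echo ok ;;   # no PCIe tunnel, so no DMA path
        none) [ "$iommu" = 1 ] && echo ok || echo weak ;;
        user|secure) [ "$iommu" = 1 ] && echo ok || echo whitelist-only ;;
        *) echo unknown ;;
    esac
}

# One line per attached device: "<route> <authorized> <vendor> <device>".
tb_list_devices() {
    for d in "$SYSFS_ROOT"/bus/thunderbolt/devices/*-*; do
        [ -d "$d" ] || continue
        printf '%s %s %s %s\n' "$(basename "$d")" "$(tb_attr "$d/authorized")" \
            "$(tb_attr "$d/vendor_name")" "$(tb_attr "$d/device_name")"
    done
}

# Human-readable report for every domain under SYSFS_ROOT.
tb_report() {
    found=0
    for dom in "$SYSFS_ROOT"/bus/thunderbolt/devices/domain*; do
        [ -d "$dom" ] || continue
        found=1
        name=$(basename "$dom")
        printf '%s: security=%s iommu_dma_protection=%s verdict=%s\n' "$name" \
            "$(tb_security_level "$name")" "$(tb_iommu_protected "$name")" \
            "$(tb_verdict "$name")"
    done
    [ "$found" = 1 ] || echo "no Thunderbolt domains under $SYSFS_ROOT"
    tb_list_devices
}

# Constructed sysfs tree (not a real host) so the script can be exercised
# offline: one domain at level "user" without IOMMU protection, one dock.
make_sample_tree() {
    root=$(mktemp -d)
    d="$root/bus/thunderbolt/devices"
    mkdir -p "$d/domain0" "$d/0-1"
    echo user > "$d/domain0/security"
    echo 0 > "$d/domain0/iommu_dma_protection"
    echo 1 > "$d/0-1/authorized"
    echo "Example Vendor" > "$d/0-1/vendor_name"
    echo "Example Dock" > "$d/0-1/device_name"
    echo "$root"
}

if [ -d "$SYSFS_ROOT/bus/thunderbolt" ]; then
    tb_report
else
    SYSFS_ROOT=$(make_sample_tree)   # fall back to the constructed tree
    tb_report
fi
```

A host that reports `security=none` and `iommu_dma_protection=0` is the passthrough configuration the second mitigation warns about; `security=user` alone still leaves the whitelist in SPI flash as the only barrier, which is exactly what the attack rewrites.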
Ratings
- Attacker Value: Very Low
- Exploitability: Very Low
Technical Analysis
While the probability of this exploit is low, this does highlight the importance of physical security.
Your average attacker will not find this useful, however if your threat model includes nation states and you happen to travel a lot – take note.
I appreciate that you included a specific threat model scenario here, thanks!
I had a buddy that used to leave one screw loose on his Thinkpad intentionally, so if he ever noticed it was tightened, it would be a sign that someone had tampered with it. Or am I thinking of a Neal Stephenson novel?
Ratings
- Attacker Value: Very Low
- Exploitability: Very Low
Technical Analysis
The key feature of this bug in @agalauner-r7’s assessment here is, “Don’t let anybody disassemble your machine.” I’m calling this issue “authenticated” because if you’re in a position to turn some screws on the case, you’re practically authenticated. :)