Discovered that there was a backdoor on the old VIA x86 processor


By VIA Gallery

A backdoor is structured in the CPU " VIA C3 Nehemiah " developed by VIA Technologies in Taiwan, and it became clear that you can take the administrator's authority of the system by using this back door.

GitHub - xoreaxeaxeax / rosenbridge: Hardware backdoors in x86 CPUs
https://github.com/xoreaxeaxeax/rosenbridge

Hacker Finds Hidden 'God Mode' on Old x86 CPUs
https://www.tomshardware.com/news/x86-hidden-god-mode,37582.html

The VIA C series processors are widely used in industrial automation, POS systems , bank ATMs and other applications. In addition, the backdoor found exists only in VIA C3 Nehemiah, which began selling in 2006, and its impact is considered quite limited.



What was functioning as a backdoor was a small chip that existed in VIA C3 Nehemiah. In this processor, it is clear that a small chip is buried separately from the x86 chip which has the function of the CPU body, and this small chip has played the role of a backdoor.

Security researcher Christopher Dumas said, "Small chips embedded in VIA C3 Nehemiah have the ability to bypass ring control access control and the most restrictive Ring 3 instructions are Ring 0 with no restrictions It is possible to execute it, "he points out the problem that administrator authority commands can be executed at the general user level.

Mr. Dumas has published a script on GitHub to check if VIA C3 Nehemiah's backdoor exists. In addition, for those who use the device equipped with the corresponding CPU, a script to invalidate backdoor is also released, and detailed usage can be confirmed in the script document .

GitHub - xoreaxeaxeax / rosenbridge: Hardware backdoors in x86 CPUs
https://github.com/xoreaxeaxeax/rosenbridge

in Hardware,   Security, Posted by darkhorse_log