The bug – CVE-2020-0526 – was assigned a ‘medium’ risk level, as is was found that the security bug could also lead to privilege escalation. In his presentation at Black Hat Asia today, Han introduced an update to BitLeaker, unveiling a new vulnerability related to the fTPM, specifically in the Intel Platform Trust Technology (PTT), that can also be exploited. Han detailed a proof-of-concept in a video, in which he uses a USB bootloader. It was this vulnerability that allowed Han to access encrypted files by using the BitLeaker tool. YOU MAY LIKE BitCracker: Password-cracking software designed to break Windows’ BitLocker ![]() It allows local users to overwrite static PCRs of TPM and neutralize the security features of it, such as seal/unseal and remote attestation.” Two types of TPM – hardware-based discrete TPM (dTPM) and firmware-based TPM (fTPM) – are used to protect BitLocker’s Volume Master Key (VMK), the key that decrypts partitioned files.īack in 2018, Han and a team of researchers first discovered CVE-2018-6622, a local vulnerability in the dTPM 2.0.Īn advisory explains: “An abnormal case is not handled properly by this firmware while S3 sleep and can clear TPM 2.0. Han explained how the tool BitLeaker, built for Windows 10, can leverage a vulnerability in the ACPI S3 sleeping state to bypass full disk encryption. It is compatible with Trusted Platform Modules (TPMs) and encrypts data stored on disk to prevent unauthorized access in cases of device theft or remote attacks. Microsoft’s data security technology exploited by BitLeaker toolĪ vulnerability in BitLocker’s “tamper-resistant” security technology can be exploited to break the full disk encryption technology that comes bundled with Windows devices.Īt the virtual Black Hat Asia security conference today, researcher Seunghun Han introduced a tool that can be used to subvert BitLocker security protections.īitLocker is Microsoft’s implementation of full disk encryption.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |