A new type of cyber attack on third -party channels, which received the name Hertzbleed, allows the attackers to remove the cryptographic keys to the whole, observing the changes in the frequency of the processor.
This vector opens on modern X86 processors from Intel (vulnerability under the identifier CVE-2022-24436) and AMD (CVE-2022-23823). Thifting (Dynamic Frequency Scaling, DVFS), which plays a key role, depends on the power consumption and processed data.
As a rule, DVFS is used by modern processors as a figurative barrier, which does not allow the system to go beyond the limits of power and temperature at high loads.
Specialists of Texas, Illinois and Washington’s university specialists told about the attack by Hertzbleed. They explain their find as follows:
As noted in Intel, the corresponding vulnerability affects all the processors of the corporation. Moreover, remote operation allows an attacker with low rights to carry out a cyber attack without any interaction with the user.