NEWS ANALYSIS: Security researchers report that the Intel VISA chips can be exploited to expose information from signals that pass through the system boards of some computers.
Depending on how you look at it, the Intel technology known as Visualization of Internal Signals Architecture, or VISA, is either a feature or a bug. It exists in the Platform Controller Hub (PCH) of Intel-based computer systems, and it’s controlled by the Intel Management Engine. The role of the VISA technology is to provide a flexible signals analysis processor that can be used in debugging of computer hardware, primarily computer system boards.
The Intel Management Engine that controls the VISA technology is a small, low-power embedded computer that runs a modified version of the MINIX operating system. While Intel doesn’t talk about the IME, its existence has been known for a few years. The existence of the VISA technology was discovered by security researchers at Positive Technologies last year.
Intel does have documentation regarding the VISA technology, but it’s protected by an NDA and access is tightly controlled. However, two researchers at Positive Technologies, Maxim Goryachy and Mark Ermolov, report that they’ve discovered the capabilities of the VISA technology, and they’ve found ways to enable it and use the data to discover the inner workings of a computer system that contains it.
Announced at Black Hat Asia March 28
The researchers announced their findings at Black Hat Asia on March 28. They said that a vulnerability they’d previously discovered (INTEL-SA-00086) that allowed them to run unsigned code in the Intel Management Engine also allowed them access to the VISA hardware....MUCH MORE
