New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs
https://www.indiavpn.org/2024/03/28/new-zenhammer-attack-bypasses-rowhammer-defenses-on-amd-cpus/ (Thu, 28 Mar 2024)

Mar 28, 2024 | Newsroom | Hardware Security / Vulnerability


Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR).

“This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack surface, considering today’s AMD market share of around 36% on x86 desktop CPUs,” the researchers said.

The technique, codenamed ZenHammer, is also the first to trigger RowHammer bit flips on DDR5 devices.

RowHammer, first publicly disclosed in 2014, is a well-known attack that exploits DRAM’s memory cell architecture to alter data by repeatedly accessing a specific row (aka hammering) to cause the electrical charge of a cell to leak to adjacent cells.

This can induce random bit flips in neighboring memory rows (from 0 to 1, or vice versa), which alter memory contents and can facilitate privilege escalation and compromise the credentials, integrity, and availability of a system.


The attacks take advantage of the physical proximity of these cells within the memory array, a problem that’s likely to worsen as the DRAM technology scaling continues and the storage density increases.

“As DRAM continues to scale, RowHammer bit flips can occur at smaller activation counts and thus a benign workload’s DRAM row activation rates can approach or even exceed the RowHammer threshold,” ETH Zurich researchers noted in a paper published in November 2022.

“Thus, a system may experience bit flips or frequently trigger RowHammer defense mechanisms even without a malicious party performing a RowHammer attack in the system, leading to data corruption or significant performance degradation.”

One of the crucial mitigations implemented by DRAM manufacturers against RowHammer is TRR, which is an umbrella term used for mechanisms that refresh target rows that are determined to be accessed frequently.

The idea is to issue additional refresh operations so that victim rows are either refreshed before their bits flip or corrected after they flip as a result of RowHammer attacks.

ZenHammer, like TRRespass and SMASH, bypasses TRR guardrails by reverse engineering the secret DRAM address functions in AMD systems and adopting improved refresh synchronization and scheduling of flushing and fencing instructions to trigger bit flips on seven out of 10 sample Zen 2 devices and six out of 10 Zen 3 devices.

The study also arrived at an optimal hammering instruction sequence to improve row activation rates in order to facilitate more effective hammering.

“Our results showed that regular loads (MOV) with CLFLUSHOPT for flushing aggressors from the cache, issued immediately after accessing an aggressor (‘scatter’ style), is optimal,” the researchers said.

ZenHammer has the distinction of being the very first method that can trigger bit flips on systems equipped with DDR5 chips on AMD’s Zen 4 microarchitectural platform. That said, it only works on one of the 10 tested devices (Ryzen 7 7700X).


It’s worth noting that DDR5 DRAM modules were previously considered immune to RowHammer attacks because they replace TRR with a new kind of protection called refresh management.

“The changes in DDR5 such as improved RowHammer mitigations, on-die error correction code (ECC), and a higher refresh rate (32 ms) make it harder to trigger bit flip,” the researchers said.

“Given the lack of bit flips on nine of 10 DDR5 devices, more work is needed to better understand the potentially new RowHammer mitigations and their security guarantees.”

AMD, in a security bulletin, said it’s assessing RowHammer bit flips on DDR5 devices, and that it will provide an update following its completion.

“AMD microprocessor products include memory controllers designed to meet industry-standard DDR specifications,” it added. “Susceptibility to RowHammer attacks varies based on the DRAM device, vendor, technology, and system settings.”

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems
https://www.indiavpn.org/2024/02/29/new-silver-saml-attack-evades-golden-saml-defenses-in-identity-systems/ (Thu, 29 Feb 2024)

Feb 29, 2024 | Newsroom | Threat Intelligence / Cyber Threat


Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks.

Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as Salesforce,” Semperis researchers Tomer Nahum and Eric Woodruff said in a report shared with The Hacker News.

Golden SAML (short for Security Assertion Markup Language) was first documented by CyberArk in 2017. The attack vector, in a nutshell, entails the abuse of the interoperable authentication standard to impersonate almost any identity in an organization.

It’s also similar to the Golden Ticket attack in that it grants attackers the ability to gain unauthorized access to any service in a federation with any privileges and to stay persistent in this environment in a stealthy manner.


“Golden SAML introduces to a federation the advantages that golden ticket offers in a Kerberos environment – from gaining any type of access to stealthily maintaining persistency,” security researcher Shaked Reiner noted at the time.

Real-world attacks leveraging the method have been rare, the first recorded use being the compromise of SolarWinds infrastructure to gain administrative access by forging SAML tokens using compromised SAML token signing certificates.

Golden SAML was also weaponized by an Iranian threat actor codenamed Peach Sandstorm in a March 2023 intrusion to access an unnamed target’s cloud resources without requiring any password, Microsoft revealed in September 2023.


The latest approach is a spin on Golden SAML that works with an identity provider (IdP) like Microsoft Entra ID (formerly Azure Active Directory) and doesn’t require access to the Active Directory Federation Services (AD FS). It has been assessed as a moderate-severity threat to organizations.

“Within Entra ID, Microsoft provides a self-signed certificate for SAML response signing,” the researchers said. “Alternatively, organizations can choose to use an externally generated certificate such as those from Okta. However, that option introduces a security risk.”

“Any attacker that obtains the private key of an externally generated certificate can forge any SAML response they want and sign that response with the same private key that Entra ID holds. With this type of forged SAML response, the attacker can then access the application — as any user.”

Following responsible disclosure to Microsoft on January 2, 2024, the company said the issue does not meet its bar for immediate servicing, but noted it will take appropriate action as needed to safeguard customers.


While there is no evidence that Silver SAML has been exploited in the wild, organizations are required to use only Entra ID self-signed certificates for SAML signing purposes. Semperis has also made available a proof-of-concept (PoC) dubbed SilverSAMLForger to create custom SAML responses.

“Organizations can monitor Entra ID audit logs for changes to PreferredTokenSigningKeyThumbprint under ApplicationManagement,” the researchers said.

“You will need to correlate those events to Add service principal credential events that relate to the service principal. The rotation of expired certificates is a common process, so you will need to determine whether the audit events are legitimate. Implementing change control processes to document the rotation can help to minimize confusion during rotation events.”
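As an added example that is not part of the Semperis report or of this article, the Python below applies the detection logic just described to constructed Entra ID audit entries: it flags every change to PreferredTokenSigningKeyThumbprint under ApplicationManagement, checks for an "Add service principal credential" event on the same service principal within a time window, and downgrades the finding when the rotation appears in a change-control register. The field names follow the Microsoft Graph directoryAudit layout; the service-principal ids, thumbprints and the register are made-up sample data.

```python
from datetime import datetime, timedelta

# Constructed sample audit entries (directoryAudit-style fields; not real logs).
AUDIT_LOG = [
    {"activityDateTime": "2024-02-20T09:00:00Z", "category": "ApplicationManagement",
     "activityDisplayName": "Add service principal credential",
     "targetResources": [{"id": "sp-1111", "displayName": "Salesforce", "modifiedProperties": []}]},
    {"activityDateTime": "2024-02-20T09:02:00Z", "category": "ApplicationManagement",
     "activityDisplayName": "Update application",
     "targetResources": [{"id": "sp-1111", "displayName": "Salesforce", "modifiedProperties": [
         {"displayName": "PreferredTokenSigningKeyThumbprint", "oldValue": "AAAA", "newValue": "BBBB"}]}]},
    {"activityDateTime": "2024-02-21T14:00:00Z", "category": "ApplicationManagement",
     "activityDisplayName": "Update application",
     "targetResources": [{"id": "sp-2222", "displayName": "Payroll", "modifiedProperties": [
         {"displayName": "PreferredTokenSigningKeyThumbprint", "oldValue": "CCCC", "newValue": "DDDD"}]}]},
]
# Constructed change-control register: service principals with a documented rotation.
APPROVED_ROTATIONS = {"sp-1111"}


def _ts(entry):
    return datetime.strptime(entry["activityDateTime"], "%Y-%m-%dT%H:%M:%SZ")


def find_signing_key_changes(log, approved, window=timedelta(hours=1)):
    """One finding per PreferredTokenSigningKeyThumbprint change, correlated with credential events."""
    cred_events = [e for e in log if e["activityDisplayName"] == "Add service principal credential"]
    findings = []
    for entry in log:
        if entry["category"] != "ApplicationManagement":
            continue
        for res in entry["targetResources"]:
            for prop in res.get("modifiedProperties", []):
                if prop["displayName"] != "PreferredTokenSigningKeyThumbprint":
                    continue
                # Correlate with a credential-add on the same service principal inside the window.
                related = [c for c in cred_events
                           if any(r["id"] == res["id"] for r in c["targetResources"])
                           and abs(_ts(c) - _ts(entry)) <= window]
                documented = res["id"] in approved
                findings.append({
                    "service_principal": res["id"], "app": res["displayName"],
                    "old": prop["oldValue"], "new": prop["newValue"],
                    "credential_added": bool(related),
                    "severity": "info" if documented else "high",  # undocumented rotation needs review
                })
    return findings


if __name__ == "__main__":
    for f in find_signing_key_changes(AUDIT_LOG, APPROVED_ROTATIONS):
        print(f)
```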
