in ,

New vulnerability in Intel processors called CacheOut leaks sensitive data

CacheOut, a new vulnerability in Intel processors leaks sensitive data

After researchers from Michigan University announced that they discovered a vulnerability called CacheOut in some Intel processors, the company published a list of affected models. According to the researchers, by using CacheOut method a hacker might reach some or all of data that is in the processor’s cache. The vulnerability also allows to execute commands on hardware level.

The method (CVE-2020-0549 or CacheOut) carries a severity rating of 6.5 which is considered as medium risk by the researchers. According to Intel, it is possible to extract data from the L1 data cache of these processors. Worse still, the hackers don’t need to wait for specific data to be available, they can now pick which data they want to attain to.

Which Intel processors are affected by CacheOut vulnerability?

Intel has published a list of processor models in which this vulnerability has been discovered and may allow attackers to access the L1 cache. Apparently most of the Xeon processors are not affected but some do, also some Intel Kaby Lake, Coby Lake, Whiskey Lake, Amber Lake, Skylake and Cascade Lake processors may also be exploited.

In addition to publishing the list, Intel provided a microcode update to fix the problem and advised operating system developers on how to develop updates to protect against CacheOut.