CVE-2023-27879

Vulnerability

Improper access control in the firmware of certain Intel(R) Optane(TM) SSD products allows an unauthenticated attacker with physical access to potentially disclose information. The affected products include Intel Optane SSD AOP 1XX Series, Intel Optane SSD P1600X Series, Intel Optane SSD 905P Series, Intel Optane SSD 900P Series, and Intel Optane SSD DC P4800X Series. Firmware versions prior to the following are impacted: AOP 1XX Series firmware before 73P1; P1600X Series firmware before 73P1; 905P Series firmware before 73P1; 900P Series firmware before 72P1; DC P4800X Series firmware before 80P1 [1].

Exploitation

An attacker must have physical access to the targeted Intel Optane SSD product. No authentication is required. The attacker can exploit the improper access control by using a debug port or other low-level physical interface to read firmware data, potentially extracting sensitive information stored on the drive [1].

Impact

Successful exploitation leads to information disclosure, allowing the attacker to read data from the affected SSD that would normally be protected by access controls. The attacker does not gain code execution or privilege escalation, but the confidentiality of data stored on the device is compromised [1].

Mitigation

Intel released firmware updates for the affected products as detailed in the advisory INTEL-SA-00758 [1]. Users should update their SSD firmware to the following versions or later: AOP 1XX Series to version 73P1; P1600X Series to version 73P1; 905P Series to version 73P1; 900P Series to version 72P1; DC P4800X Series to version 80P1. The update is available through standard Intel firmware update mechanisms [1].