Global InformationThunderspy information
 A logo created for the vulnerability, featuring an image of a spy | |
| CVE identifier(s) | CVE-2020-???? |
|---|---|
| Date discovered | May 2020 |
| Date patched | 2019 via Kernel DMA Protection |
| Discoverer | Björn Ruytenberg |
| Affected hardware | Computers manufactured before 2019, and some after that, having the Intel Thunderbolt 3 (and below) port.[1] |
| Website | thunderspy |
Thunderspy is a type of security vulnerability, based on the Intel Thunderbolt 3 port, first reported publicly on 10 May 2020, that can result in an evil maid (i.e., attacker of an unattended device) attack gaining full access to a computer's information in about five minutes, and may affect millions of Apple, Linux and Windows computers, as well as any computers manufactured before 2019, and some after that.[1][2][3][4][5][6][7][8]
According to Björn Ruytenberg, the discoverer of the vulnerability, "All the evil maid needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware, reattach the backplate, and the evil maid gets full access to the laptop. All of this can be done in under five minutes."[1] The malicious firmware is used to clone device identities which makes classical DMA attack possible.[4]
- ^ a b c Greenberg, Andy (10 May 2020). "Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking - The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and it affects any PC manufactured before 2019". Wired. Retrieved 11 May 2020.
- ^ Porter, Jon (11 May 2020). "Thunderbolt flaw allows access to a PC's data in minutes - Affects all Thunderbolt-enabled PCs manufactured before 2019, and some after that". The Verge. Retrieved 11 May 2020.
- ^ Doffman, Zak (11 May 2020). "Intel Confirms Critical New Security Problem For Windows Users". Forbes. Retrieved 11 May 2020.
- ^ a b Ruytenberg, Björn (2020). "Thunderspy: When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security". Thunderspy.io. Retrieved 11 May 2020.
- ^ Kovacs, Eduard (11 May 2020). "Thunderspy: More Thunderbolt Flaws Expose Millions of Computers to Attacks". SecurityWeek.com. Retrieved 11 May 2020.
- ^ O'Donnell, Lindsey (11 May 2020). "Millions of Thunderbolt-Equipped Devices Open to 'ThunderSpy' Attack". ThreatPost.com. Retrieved 11 May 2020.
- ^ Wyciślik-Wilson, Sofia (11 May 2020). "Thunderspy vulnerability in Thunderbolt 3 allows hackers to steal files from Windows and Linux machines". BetaNews.com. Retrieved 11 May 2020.
- ^ Gorey, Colm (11 May 2020). "Thunderspy: What you need to know about unpatchable flaw in older PCs". SiliconRepublic.com. Retrieved 12 May 2020.