Compromising Confidential Compute, One Bug at a Time

Confidential Compute is a promising new technology designed to protect cloud customers' most sensitive data – such as financial or medical information, and other high-value proprietary data like AI models – by ensuring the confidentiality and integrity of the customers' VMs, isolating them even from the cloud provider.
In this talk, we will demonstrate weaknesses we discovered in Intel's Confidential Compute technology called TDX, and how they allow a malicious cloud provider to bypass the confidentiality and integrity promises made to cloud customers.
First, we will introduce you to the internals of TDX and will guide you through our review process: the methodology we followed to review TDX, the emulation tooling we developed for security testing purposes, and how it influenced our understanding and review strategy. Following that, we will share our initial findings, how they further directed our research, how we ultimately discovered critical vulnerabilities as a result, and how one of these can be exploited to achieve full privilege escalation into the TDX firmware.
We will conclude by discussing Intel's fixes for the issues, and will provide hints and directions for further security research on TDX.

By:
Maxime Villard | Senior Security Researcher, Microsoft
Yair Netzer | Principal Security Research Manager, Microsoft
Ben Hania | Senior Security Researcher, Microsoft

Full Abstract and Presentation Materials:
https://www.blackhat.com/us-24/briefi...