The hits keep coming for Intel. An advisory was released on Tuesday warning of a new exploit called NetCAT, which allows “bad actors to sniff out encrypted passwords as they are being typed into a secure shell session (SSH).” All modern Intel server CPUs made since 2012 are affected.

The vulnerability stems from the company’s Data-Direct I/O (DDIO) Technology, which is meant to improve performance by allowing Ethernet controllers/adapters to talk directly with Xeon processors. AMD chips are not affected.

Targeting DDIO, an attacker could uncover the arrival time of individual network packets from an SSH session, using a remote cache side channel – thus obtaining sensitive information from the cache of the impacted application server.

Discussion

Don’t Miss Out on More FPS Review Content!

Our weekly newsletter includes a recap of our reviews and a run down of the most popular tech news that we published.