{"id":47902,"date":"2022-08-09T17:00:15","date_gmt":"2022-08-09T17:00:15","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/"},"modified":"2022-08-09T17:00:15","modified_gmt":"2022-08-09T17:00:15","slug":"apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/","title":{"rendered":"APIC fail: Intel &#8216;Sunny Cove&#8217; chips with SGX spill secrets"},"content":{"rendered":"<p>A group of computer scientists has identified an architectural error in certain recent Intel CPUs that can be abused to expose SGX enclave data like private encryption keys.<\/p>\n<p>They call it \u00c6PIC Leak because it affects the memory-mapped registers of the local Advanced Programmable Interrupt Controller (APIC), which helps the CPU handle interrupt requests from various sources in order to facilitate multiprocessing.<\/p>\n<p>Found by Pietro Borrello (Sapienza University of Rome), Andreas Kogler (Graz University of Technology), Martin Schwarzl (Graz), Moritz Lipp (Amazon Web Services), Daniel Gruss (Graz), and Michael Schwarz (CISPA Helmholtz Center for Information Security), the flaw is described in <a target=\"_blank\" href=\"https:\/\/regmedia.co.uk\/2022\/08\/08\/aepicleak_paper.pdf\" rel=\"noopener\">a paper<\/a> [PDF] titled, &#8220;\u00c6PIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;We discover \u00c6PIC Leak, the first architectural CPU bug that leaks stale data from the microarchitecture without using a side channel,&#8221; the authors explain in their paper, which was provided to <em>The Register<\/em>.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>The bug affects recent Intel CPUs based on the company&#8217;s <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/en.wikichip.org\/wiki\/intel\/microarchitectures\/sunny_cove\">Sunny Cove microarchitecture<\/a>, the authors say. This includes: Intel&#8217;s 10th generation Ice Lake CPUs; its current 3rd generation Xeon scalable server CPUs (Ice Lake SP); and, it is claimed, new 12th generation Alder Lake CPUs (Golden Cove).<\/p>\n<p>But there&#8217;s some disagreement about this: Intel says Alder Lake isn&#8217;t affected because it doesn&#8217;t support SGX, but allows that other CPUs not identified by the researchers are affected (see below).<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>\u00c6PIC Leak is not a transient execution attack like Meltdown that relies on a side-channel to infer sensitive data. Rather it&#8217;s the result of a chip architecture flaw along the lines of the <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cs.earlham.edu\/~dusko\/cs63\/fdiv.html\">Pentium FDIV bug<\/a> or the <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/insecure.org\/sploits\/intel.f00f.pentiumbug.html\">Pentium F00F bug<\/a>.<\/p>\n<p>The authors liken the bug to an <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.intel.com\/content\/www\/us\/en\/develop\/documentation\/inspector-user-guide-linux\/top\/problem-type-reference\/uninitialized-memory-access.html\">uninitialized memory read<\/a> in the CPU itself. They scanned the I\/O address space on Sunny Cove-based Intel CPUs and found that the memory-mapped registers of the local APIC are not cleanly initialized. Consequently, reading these registers returns stale data of recent memory loads and stores that went from the L2 to the L3 cache or vice versa.<\/p>\n<p>Fortunately, accessing the APIC MIMO requires admin or root privileges, so for most systems \u00c6PIC Leak isn&#8217;t an issue. In a virtualized environment, for example, hypervisors do not expose direct access to the host local APIC. So a malicious VM could not exploit the bug to leak data.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>However, on systems using Intel SGX \u2013 Software Guard Extensions, hardware-based memory encryption for creating secure, isolated environments \u2013 the architecture flaw becomes meaningful. The researchers devised two techniques \u2013 Cache Line Freezing and Enclave Shaking \u2013 that they were able to use to obtain AES-NI keys and RSA keys from Intel\u2019s IPP library and the Intel SGX sealing and remote attestation keys.<\/p>\n<p>Intel in January announced that it is deprecating SGX \u2013 already <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/11\/14\/intel_sgx_physical_security\/\" rel=\"noopener\">battered by several attacks<\/a> \u2013 for its client CPUs. But the technology remains in place for server CPUs like third-generation Xeons. If \u00c6PIC Leak is not addressed, the researchers say, the bug poses &#8220;a significant threat to enclave security.&#8221;<\/p>\n<p>The vulnerability was disclosed to Intel on December 8, 2021, and was acknowledged on December 22, 2021, and assigned CVE-2022-21233. As short-term mitigations, the researchers suggest disabling APIC MMIO or avoiding SGX; they allow that a microcode\/firmware update could work though they recommend the improper initialization be addressed in hardware.<\/p>\n<p>The research paper says proof-of-concept code will be made available at the URL <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/github.com\/IAIK\/AEPIC\">https:\/\/github.com\/IAIK\/AEPIC<\/a>.<\/p>\n<p>Intel on Tuesday plans to release 27 security advisories addressing 59 vulnerabilities. One of the advisories deals with \u00c6PIC Leak.<\/p>\n<p>&#8220;INTEL-SA-00657 addresses an issue discovered by researchers from TU Graz they refer to as \u00c6PIC Leak,&#8221; said Jerry Bryant, senior director of security communications and incident response for Intel in a statement provided to <em>The Register<\/em>. &#8220;Those using Intel SGX should review the advisory to understand the mitigations we have released as well as our Stale Data Read from xAPIC technical paper.&#8221;<\/p>\n<p>Intel&#8217;s list of affected CPUs extends beyond the set explored by the researchers. It includes: Ice Lake Xeon-SP, Ice Lake D, Gemini Lake, Ice Lake U,Y, and Rocket Lake.<\/p>\n<p>&#8220;Researchers have demonstrated attacks against Intel SGX enclaves, where stale data may be exposed by an attacker who controls the OS and can read from the legacy xAPIC,&#8221; a company spokesperson said in an email. &#8220;On some processors, incorrectly aligned reads from addresses in the xAPIC MMIO page could return stale data, which may correspond to data previously read by the same processor core that is reading the xAPIC page.&#8221;<\/p>\n<p>&#8220;Intel recommends that operating systems (OSes) and virtual machine monitors (VMMs) enable x2APIC mode, which disables the xAPIC MMIO page and instead exposes APIC registers through model specific registers (MSRs), which mitigates this issue in <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/topictechnology\/software-security-guidance\/processors-affected-consolidated-product-cpu-model.html\">affected products<\/a>. APIC virtualization is not affected; this behavior only applies to access to the physical xAPIC MMIO page.&#8221;<\/p>\n<p>Intel continues to recommend the use of Intel SGX and intends to provide a revised Intel SGX Software Development Kit (SDK) for <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/registrationcenter.intel.com\/en\/products\/download\/3407\/\">Windows<\/a> and <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/01.org\/intel-software-guard-extensions\/downloads\">Linux<\/a> to help reduce the chance that enclave data might be inferred.<\/p>\n<p>In their paper, the authors explore how both architectural and transient-execution vulnerabilities share a common underlying type of vulnerability, or Common Weakness Enumeration.<\/p>\n<p>In this instance, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/cwe.mitre.org\/data\/definitions\/665.html\">CWE-665: Improper Initialization<\/a> made the transient-execution vulnerabilities CrossTalk and Medusa possible and led to the architectural flaw behind \u00c6PIC Leak.<\/p>\n<p>Daniel Gruss, a co-author of the paper and assistant professor in the secure systems group at the Graz University of Technology, told <em>The Register<\/em> in an email that he expects &#8220;bugs from further different CWE classes to be found in hardware in the future.&#8221;<\/p>\n<p>Gruss, as it happens, is among another set of computer scientists who have identified a side-channel attack on scheduler queues, which schedule the instructions to be executed in superscalar CPUs.<\/p>\n<p>The attack is described in <a target=\"_blank\" href=\"https:\/\/regmedia.co.uk\/2022\/08\/08\/squip_paper.pdf\" rel=\"noopener\">a paper<\/a> [PDF] titled, &#8220;SQUIP: Exploiting the Scheduler Queue Contention Side Channel.&#8221; Its authors include: Stefan Gast (Lamarr Security Research &amp; Graz University of Technology), Jonas Juffinger (Lamarr Security Research &amp; Graz University of Technology), Martin Schwarzl (Graz University of Technology), Gururaj Saileshwar (Georgia Institute of Technology), Andreas Kogler (Graz University of Technology), Simone Franza (Graz University of Technology), Markus Kostl (Graz University of Technology), and Daniel Gruss (Graz University of Technology).<\/p>\n<p>Intel chips are unaffected by the SQUIP attack because they rely on a single scheduler queue, the SQUIP paper explains. However, AMD Zen 1 (not mentioned by the researchers but confirmed by AMD), Zen 2, and Zen 3 microarchitectures implement separate scheduler queues per execution unit, so contention between different units can be exploited to glean information.<\/p>\n<p>The attack \u2013 which can determine an RSA-4096 key in about 38 minutes \u2013 assumes the attacker and target are co-located on different SMT threads of the same physical core, but are from different security domains. In short, it&#8217;s relevant mainly for cloud tenants relying on shared hardware.<\/p>\n<p>&#8220;An attacker running on the same host and CPU core as you, could spy on which types of instructions you are executing due to the split-scheduler design on AMD CPUs,&#8221; explained Gruss. &#8220;Apple&#8217;s M1 (probably also M2) follows the same design but is not affected yet as they haven&#8217;t introduced SMT in their CPUs yet.&#8221;<\/p>\n<p>A spokesperson for AMD said the vulnerability has been designated medium severity and is being referred to as &#8220;AMD-SB-1039: Execution Unit Scheduler Contention Side-Channel vulnerability on AMD Processors.&#8221;<\/p>\n<p>AMD&#8217;s 1st, 2nd, 3rd Gen Zen processors are affected.<\/p>\n<p>&#8220;AMD recommends software developers employ existing best practices [<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.bearssl.org\/constanttime.html\">1<\/a>][<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.chosenplaintext.ca\/articles\/beginners-guide-constant-time-cryptography.html\">2<\/a>], including constant-time algorithms and avoiding secret-dependent control flows where appropriate to help mitigate this potential vulnerability,&#8221; the company spokesperson told <em>The Register<\/em>. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/08\/09\/intel_sunny_cove\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AMD Zen chips, meanwhile, are vulnerable to side-channel data scrying A group of computer scientists has identified an architectural error in certain recent Intel CPUs that can be abused to expose SGX enclave data like private encryption keys.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-47902","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>APIC fail: Intel &#039;Sunny Cove&#039; chips with SGX spill secrets 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"APIC fail: Intel &#039;Sunny Cove&#039; chips with SGX spill secrets 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-08-09T17:00:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"APIC fail: Intel &#8216;Sunny Cove&#8217; chips with SGX spill secrets\",\"datePublished\":\"2022-08-09T17:00:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/\"},\"wordCount\":1268,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/\",\"name\":\"APIC fail: Intel 'Sunny Cove' chips with SGX spill secrets 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-08-09T17:00:15+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"APIC fail: Intel &#8216;Sunny Cove&#8217; chips with SGX spill secrets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"APIC fail: Intel 'Sunny Cove' chips with SGX spill secrets 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/","og_locale":"en_US","og_type":"article","og_title":"APIC fail: Intel 'Sunny Cove' chips with SGX spill secrets 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-08-09T17:00:15+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"APIC fail: Intel &#8216;Sunny Cove&#8217; chips with SGX spill secrets","datePublished":"2022-08-09T17:00:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/"},"wordCount":1268,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/","url":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/","name":"APIC fail: Intel 'Sunny Cove' chips with SGX spill secrets 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-08-09T17:00:15+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YvLTMe-utdv8fKVIT1WVKwAAAEU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/apic-fail-intel-sunny-cove-chips-with-sgx-spill-secrets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"APIC fail: Intel &#8216;Sunny Cove&#8217; chips with SGX spill secrets"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47902","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47902"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47902\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47902"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47902"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47902"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}