Researchers have identified a new side-channel attack impacting all modern Intel server processors made since 2012. The vulnerability could allow bad actors to sniff out encrypted passwords as they are being typed into a secure shell session (SSH); but, luckily, such an attack would be difficult to launch.
The attack, disclosed on Tuesday and dubbed NetCAT (short for Network Cache Attack), stems from an Intel performance-enhancing technology called Data-Direct I/O Technology (DDIO). DDIO is turned on by default in most recent Intel server-grade processors, including Intel Xeon E5, E7 and SP processor families.
Targeting DDIO, an attacker could uncover the arrival time of individual network packets from an SSH session, using a remote cache side channel – thus obtaining sensitive information from the cache of the impacted application server.