Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

New ‘Hertzbleed’ Remote Side-Channel Attack Affects Intel, AMD Processors

A team of academic researchers has identified a new side-channel method that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack.

A team of academic researchers has identified a new side-channel method that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack.

Dubbed Hertzbleed, the new attack method was made public this week by researchers from the University of Texas at Austin, the University of Illinois Urbana-Champaign, and the University of Washington. In addition to a name, the attack has its own website and logo. A paper describing Hertzbleed is also available. Hertzbleed

According to the researchers, Hertzbleed shows that power side-channel attacks can be turned into remote timing attacks, allowing attackers to obtain cryptographic keys from devices powered by Intel, AMD and possibly other processors.

In the past, researchers demonstrated CPU side-channel attacks that rely on observing variations in a processor’s power consumption.

Hertzbleed does not require any direct power measurement and instead relies on a feature called dynamic frequency scaling, which modern processors use to reduce power consumption.

“Under certain circumstances, periodic CPU frequency adjustments depend on the current CPU power consumption, and these adjustments directly translate to execution time differences (as 1 hertz = 1 cycle per second),” the researchers explained.

An analysis of these time differences can allow an attacker — in some cases even a remote attacker can observe the variations — to target cryptographic software and obtain valuable cryptographic keys.

The attack was demonstrated against SIKE, or Supersingular Isogeny Key Encapsulation, a post-quantum key encapsulation mechanism that is used by companies such as Microsoft and Cloudflare.

While Hertzbleed itself is not an actual vulnerability, two CVE identifiers did get assigned to it: CVE-2022-23823 and CVE-2022-24436.

Intel has published two advisories to inform customers about Hertzbleed attacks. The chipmaker has confirmed that all of its processors are impacted. While the company has not released any CPU firmware updates, it did release cryptography-related guidance that software developers can use to “harden their libraries and applications against frequency throttling information disclosure.”

“While this issue is interesting from a research perspective, we do not believe this attack to be practical outside of a lab environment,” Intel’s Jerry Bryant said in a blog post on Tuesday.

AMD has also published an advisory for Hertzbleed. The company has listed several desktop, mobile, Chromebook and server processors that are impacted. AMD has also advised developers to apply countermeasures in their software.

Other CPU makers could also be impacted. The researchers have notified ARM, whose products also implement frequency scaling, but the company has not provided any feedback on whether its products are affected.

Workarounds are also available, but the researchers pointed out that they can significantly impact performance.

Microsoft and Cloudflare learned about the attack on SIKE from a different team of researchers before being notified by the Hertzbleed team. Both companies have implemented mitigations.

Related: Academics Devise New Speculative Execution Attack Against Apple M1 Chips

Related: Researchers Disclose New Side-Channel Attacks Affecting All AMD CPUs

Related: Academics Devise Side-Channel Attack Targeting Multi-GPU Systems

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.