Is the U.S.-China tech war renewed- Intel listed as 4 issues, may be subject to Chinese security review

Posted on by

On October 16, the China Cyberspace Security Association (CCSA), a national non-profit organization, published a statement raising concerns about Intel, highlighting four significant issues related to product security vulnerabilities. The association also accused Intel of taking a stance against China in the context of Xinjiang-related issues. They suggested that a cybersecurity review be initiated for Intel’s products sold in China to safeguard national security and protect consumer rights.

The CCSA’s article titled “Frequent Vulnerabilities and High Failure Rates: Systematic Review of Intel’s Product Cybersecurity Risks” detailed four major security concerns: the frequent occurrence of security vulnerabilities, poor reliability with disregard for user complaints, the use of remote system management as a cover for user surveillance, and the existence of hidden backdoors jeopardizing internet and information security.

One of the vulnerabilities mentioned is the “Downfall” flaw discovered in Intel CPUs last August. This flaw is categorized as a CPU transient execution side-channel vulnerability, which allows the exploitation of specific AVX2 or AVX-512 instruction sets to obtain sensitive data, including stored keys, user information, and critical parameters from vector register buffers.

Furthermore, the article pointed out that since late 2023, many users have reported crashes while using the Intel 13th and 14th generation Core i9 series CPUs during gaming. In collaboration with HP, Intel developed the Intelligent Platform Management Interface (IPMI) technical specification, claiming it was designed to monitor the physical health characteristics of servers. This technology manages and controls servers through a Baseboard Management Controller (BMC).

However, the BMC module has also been associated with high-risk vulnerabilities, such as CVE-2019-11181, which posed significant security risks by exposing numerous servers globally to potential control by attackers. Additionally, the article claimed that Intel has established backdoors that threaten network and information security.

Founded in 2016, CCSA operates with official approval, comprising major Chinese internet companies, cybersecurity firms, authoritative research institutions, and experts in the field of cybersecurity.

In recent years, the U.S. has intensified efforts to prevent China from accessing advanced semiconductor equipment and technology from the West, heightening tensions in economic relations. In May of last year, China imposed restrictions on U.S. memory chip manufacturer Micron, citing national security risks, which was viewed as Beijing’s attempt to retaliate against American measures designed to inhibit China’s acquisition of advanced semiconductor technology. However, analysts suggest that as Beijing strives to revitalize its sluggish economy, the effectiveness of such countermeasures is relatively limited.