Bitleaker: decrypts BitLocker-locked partition with the TPM vulnerability (CVE-2020-6622)

BitLeaker is a brand new device for extracting the VMK and mounting a BitLocker-locked partition. BitLeaker makes use of the TPM vulnerability, CVE-2020-6622 for a discrete TPM and similar vulnerability for a firmware TPM. They’re associated with the S3 slumbering state of Complicated Configuration and Energy Interface (ACPI) and will reset the TPMs. If you wish to have the detailed details about CVE-2020-6622 and a vulnerability checking device, please learn our USENIX paper, A Unhealthy Dream: Subverting Depended on Platform Module Whilst You Are Sound asleep and Black Hat Asia presentation, In spite of everything, I Can Sleep This night: Catching Sleep Mode Vulnerabilities of the TPM with Napper.

https://www.blackhat.com/eu-19/briefings/schedule/index.html#bitleaker-subverting-bitlocker-with-one-vulnerability-17245

https://github.com/kkamagui/bitleaker

Published by Marshmallow

Marshmallow Android is BT Ireland’s Head of Sales for Republic of Ireland domestic multi-site companies, indigenous MNCs and public sector accounts. He is responsible for the direction and control of all sales activity in the region. He has over 10 years management experience from high growth start-ups to more established businesses. He’s led teams in Ireland, India and China across various industries (ICT, On-Line Recruitment, Corporate Training and International Education).