Serious new vulnerabilities threaten Intel processors

Serious vulnerabilities in Intel
Written by Emma Davis

Intel has patched serious vulnerabilities affecting a wide range of the company’s processor families. The discovered bugs allow attackers to gain higher privileges on a vulnerable device.

Two vulnerabilities (CVE-2021-0157 and CVE-2021-0158) were found by SentinelOne and both scored 8.2 points on the CVSS vulnerability rating scale. The first problem concerns the incorrect control flow control in the BIOS, which manifests itself on some Intel processors, and the second bug is related to the insufficient validation of the input data in the same component. Both vulnerabilities can lead to privilege escalation on a machine if an attacker has physical access to it.

According to Intel, the vulnerabilities concern the following products:

  1. Intel® Xeon® E processor family;
  2. Intel® Xeon® processor E3 v6 family;
  3. Intel® Xeon® W processor family;
  4. 3rd Generation Intel® Xeon® Scalable Processors;
  5. 11th Generation Intel® Core ™ processors;
  6. 10th generation Intel® Core ™ processors;
  7. 7th generation Intel® Core ™ processors;
  8. Intel® Core ™ X-series processors;
  9. Intel® Celeron® Processor N Series;
  10. Intel® Pentium® Silver processors.

Intel experts have not yet shared the technical details of these problems, they only recommended that users fix the vulnerabilities by installing available BIOS updates. Unfortunately, this can be a problem as motherboard manufacturers do not release BIOS updates as often and generally do not support their products for very long. For example, 7th Gen Intel Core processors were released five years ago, and it is doubtful that motherboard manufacturers are still releasing security updates for such older (by their standards) products.

Another vulnerability patched by Intel this week, identified as CVE-2021-0146, is also related to privilege escalation and requires physical access to the device (7.2 on the CVSS scale). This bug was discovered by Positive Technologies specialists Mark Ermolov and Dmitry Sklyarov, as well as by an independent researcher Maxim Goryachy.

The researchers say the problem concerns the Pentium, Celeron and Atom processors of the Apollo Lake, Gemini Lake and Gemini Lake Refresh platforms, which are used in both mobile computers and embedded systems. The threat also affects a wide range of ultra-mobile netbooks and many IoT devices based on Intel processors – from household appliances and smart home systems to cars and medical equipment.

Thus, according to Mordor Intelligence, Intel ranks fourth in the market of chips for the Internet of Things, and its IoT processors of the Intel Atom E3900 series, which also contain the CVE-2021-0146 vulnerability, are used by automakers in more than 30 models of cars, including, according to unofficial data, by Tesla in the Tesla Model 3.

Mark Ermolov

Mark Ermolov

One example of a real threat is lost or stolen laptops containing confidential information in encrypted form. Using this vulnerability, an attacker can extract the encryption key and gain access to information inside the laptop. The bug can also be exploited in targeted attacks across the supply chain. For example, an employee of an Intel processor-based device vendor could theoretically extract the Intel CSME firmware key and deploy spyware that would not be detected by security software. This vulnerability is also dangerous in that it allows you to extract the root encryption key used in Intel PTT (Platform Trust Technology) and Intel EPID (Enhanced Privacy ID) technologies in systems for protecting digital content from illegal copying. For example, a number of Amazon e-book models use Intel EPID-based protection for digital rights management. Using this vulnerability, an attacker can extract the root EPID key from a device (e-book), and then, having compromised Intel EPID technology, download electronic materials from providers in the form of files, copy and distribute them.Mark Ermolov says.

Technically, the vulnerability is due to overprivileged debugging functionality that is not properly protected. To avoid such problems in the future and to prevent the possibility of bypassing the built-in protection, manufacturers should be more careful in securing the debug mechanisms.

To resolve the reported issue, users need to re-install the UEFI BIOS updates published by the manufacturers.

Let me remind you that we also wrote that some Intel processors are vulnerable to the new version of the Zombieload problem.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending