High severity vulnerability affecting Intel processors
Posted by: GuidePoint Security
Published 11/24/21, 9:00am
Last week, chip-maker Intel disclosed the discovery of several high-severity flaws (CVE-2021-0157, CVE-2021-0158, and CVE-2021-0146) affecting a large number of processors. The vulnerabilities could enable threat actors to gain privileges on devices containing these chips, ultimately leading to encrypted file access, espionage, and the ability to bypass copyright protections on digital content.
In the case of CVE-2021-0157 and CVE-2021-0158 (both rated at 8.2 high), insufficient control flow management and improper input validation in the BIOS firmware could allow escalation of privileges.
For vulnerability CVE-2021-0146 (rated at 7.1 high), hardware can enable activation of test or debug logic at runtime, which has the potential to allow an unauthenticated user to enable escalation of privileges through physical access.
Next Steps
The advisories from Intel (here and here) list the affected products, which covers a large swath of offerings from embedded mobile to server-level processors. Intel is releasing firmware updates to address the issues and recommends that users of affected processors “update to the latest version provided by the system manufacturer that addresses these issues.”
Vulnerabilities seem to be the hydra of cybersecurity, every time you squash one, two more will take its place. In the case of software vulnerabilities, it can be easy enough to locate and patch affected systems to new versions, but when vulnerabilities affect hardware itself that process can be much harder and much more disruptive to workflow–especially in today’s distributed landscape. With work-from-home and BYOD becoming more and more common, it’s important that your vulnerability management program is able to address critical vulnerabilities like this one, before they can be exploited.
GuidePoint Security