Positive Technologies specialists discovered a new vulnerability in Intel Pentium, Celeron and Atom processors on the 2016, 2017 and 2019 platforms Apollo Lake, Gemini Lake and Gemini Lake Refresh, which was designated CVE-2021-0146. It can be used to access encrypted files, espionage and circumvent copyright protection.
According to experts, “CVE-2021-0146 vulnerability allows testing or debugging modes in several lines of Intel processors. This may allow an unauthenticated user with physical access to gain elevated privileges in the system.”
Vulnerable processors are used in many netbooks, Internet devices (IoT) based on Intel processors (from household appliances and smart home systems to cars and medical equipment).
“One example of a real threat is lost or stolen laptops containing confidential information in encrypted form. Using this vulnerability, an attacker can extract the encryption key and gain access to information inside the laptop,” said the company's specialist Mark Ermolov.
According to the expert, the vulnerability is due to the presence of over-privileged debugging functionality that is not properly protected. To avoid such problems and prevent the possibility of bypassing the built-in protection, manufacturers should take a more careful approach to ensure the security of debugging mechanisms.
In addition, the availability of information about the end-users, for example, about the subjects of the critical infrastructure of the Russian Federation can be very dangerous.
According to Pavel Korostelev, head of the product promotion department of the Security Code company, the discovered problem in Russia is potentially dangerous only for super-important systems that are of interest to Western intelligence services. Ordinary users, according to him, should not worry.
Positive Technologies also notes that in order to eliminate the detected vulnerability, it is necessary to install UEFI BIOS updates published by the end manufacturers of laptops or other devices.
