CVE-2021-0146: Intel Processor Escalation Privilege Vulnerability Alert

by do son ·

CVE-2021-0146
Some time ago, Intel fixed a security vulnerability in the 4th generation Core series processor Haswell. Since it will happen when the Direxct 12 API is loaded, Intel finally started from the graphics card driver version 15.40.44.5107 and disabled the 4th generation Core series GPU.
CVE-2021-0146

The security company Positive Technologies recently claimed that a vulnerability (CVE-2021-0146) in the Intel processors may extract the encryption key. The vulnerability was discovered by Positive Technologies’ Mark Ermolov, Dmitry Sklyarov, and independent researcher Maxim Goryachy, and Intel has been notified. This is one of 25 security vulnerabilities disclosed by Intel last week, with a CVSS score of 7.1. Intel explained this in the announcement, saying that the “activation of test or debug logic at runtime for some Intel processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.” This flaw affects Intel Atom, Celeron, Pentium chips. These chips are generally used in low-power chips for embedded systems, mobile devices, and low-cost notebook computers. For example, Atom E3900, this embedded processor is currently used in more than 30 cars, including Tesla’s Model 3, which is used to drive various network devices and Internet of Things devices.

According to Mark Ermolov of Positive Technologies,

“One example of a real threat is lost or stolen laptops that contain confidential information in encrypted form. Using this vulnerability, an attacker can extract the encryption key and gain access to information within the laptop. The bug can also be exploited in targeted attacks across the supply chain. For example, an employee of an Intel processor-based device supplier could, in theory, extract the Intel CSME firmware key and deploy spyware that security software would not detect. This vulnerability is also dangerous because it facilitates the extraction of the root encryption key used in Intel PTT (Platform Trust Technology) and Intel EPID (Enhanced Privacy ID) technologies in systems for protecting digital content from illegal copying. For example, a number of Amazon e-book models use Intel EPID-based protection for digital rights management. Using this vulnerability, an intruder might extract the root EPID key from a device (e-book), and then, having compromised Intel EPID technology, download electronic materials from providers in file form, copy and distribute them.

UEFI BIOS updates can fix this security vulnerability, and affected systems need to pay attention to updates from their device manufacturers.

Tags: CVE-2021-0146