Intel rolls out BIOS updates to fix local privilege escalation (CVE-2021-0157) vulnerabilities
Earlier, Intel issued a security bulletin to disclose security vulnerabilities discovered by researchers. The related vulnerabilities involve local privilege escalation, which has greater harm to the target device.
The vulnerability numbered CVE-2021-0157 is more harmful because it affects multiple Intel CPUs except for the latest Alder Lake-S series.
Affected users should pay attention to the website of the manufacturer/motherboard manufacturer to see if there is a BIOS update. Intel has distributed fixes and related partners.
Enterprise IT administrators can take the initiative to contact the device manufacturer or motherboard manufacturer to inquire about relevant security updates. In view of the greater impact of the vulnerability, it is recommended that the company install the update in time.
CVE-2021-0157 affects the following CPUs:
- Intel Xeon processor E family, Xeon processor E3 v6 family, Xeon processor W family, 3rd generation Xeon scalable processor
- Intel’s 11th generation Core series processors, Intel’s 10th generation Core series processors, Intel’s 7th generation Core series processors
- Intel Core X series processors, Intel Celeron processor N series, Intel Pentium Silver processor series
CVE-2021-0146 affects the following CPUs:
This vulnerability mainly affects Intel Pentium and Celeron series, processors. It is worth noting that some embedded processors are also affected and need to be repaired in time.
Specifically, CPU IDs of desktop or mobile terminals 506C9, 706A1, 706A8, and embedded processors 506CA and 506FC are affected by this vulnerability.
The above processors mainly involve the J series and N series of Pentium and Celeron series processors, and the silver series of some Pentium series processors are also affected by this vulnerability.
To fix the above vulnerabilities, you need to update the BIOS firmware. The relevant firmware is provided by the OEM equipment manufacturer or the motherboard manufacturer. Please pay attention to this information.