PT-2021-5033 · Intel+5 · Intel Processors+5

Dmitry Sklyarov

+2

·

Published

2021-09-11

·

Updated

2024-12-09

·

CVE-2021-0146

CVSS v3.1

6.8

Medium

VectorAV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Intel(R) processors (affected versions not specified)
Description The issue is related to the activation of test or debug logic at runtime for some Intel(R) processors, which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. This is due to insufficient protection of service data in the BIOS/UEFI firmware. Exploitation of the issue may allow an attacker to gain elevated privileges and access sensitive information. The problem is also associated with a debugging functionality that has excessive privileges, potentially allowing attackers to read encrypted files.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALT-PU-2022-1536
ALT-PU-2022-3092
ALT-PU-2023-8026
ALT-PU-2023-8027
BDU:2021-05803
CVE-2021-0146
MGASA-2022-0064
OESA-2022-1773
OPENSUSE-SU-2022:0574-1
OPENSUSE-SU-2022_0574-1
OPENSUSE-SU-2024:11840-1
SUSE-SU-2022:0502-1
SUSE-SU-2022:0541-1
SUSE-SU-2022:0574-1
SUSE-SU-2022:0575-1
SUSE-SU-2022:0576-1
USN-5486-1
USN-5535-1

Affected Products

Alt Linux
Intel Processors
Linuxmint
Red Os
Suse
Ubuntu