Security researchers have discovered a vulnerability in a number of older Intel chips that makes it possible to leak sensitive data from the trusted execution environment. To do this, an attacker needs physical access to a system.
The vulnerability is registered as CVE-2021-0146, and was discovered by security firm Positive Technologies. The vulnerability is found in all Pentium, Celeron and Atom processors in the Apollo Lake and Gemini Lake series. The bug gets a CVSS score of 7.1 because it allows privilege escalation.
Positive Technologies has not released any details about the vulnerability, but does describe how it could be exploited. The bug would allow a debugging mode to be enabled. In this way, information can be leaked from the chips. This would theoretically allow attackers to get the root key from Intel’s Trusted Execution Technology; the environment in which encryption keys and other encrypted data are stored. In that case, it would be possible to bypass drm, but also, for example, to gain access to the entire system.
The company says it has passed on the findings to Intel. That has since implemented patches, but manufacturers still have to send them to users themselves. Dell, HP and Lenovo have already done that.