1 / 3

Vulnerability in Intel Processors

The vulnerability in Intel processors, which are used in laptops, cars and other devices, was discovered by Positive Technologies experts, the company said in a statement released on Monday.

briskinfosec
Download Presentation

Vulnerability in Intel Processors

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. https://www.briskinfosec.com Briskinfosec Technology and Consulting Pvt Ltd Mobile: 8608634123 https://www.briskinfosec.com https://www.facebook.com/briskinfosec https://twitter.com/briskinfosec Vulnerability in Intel Processors

  2. https://www.briskinfosec.com Vulnerability in Intel Processors The vulnerability in Intel processors, which are used in laptops, cars and other devices, was discovered by Positive Technologies experts, the company said in a statement released on Monday. Attackers can exploit the vulnerability to gain access to encrypted files, to spy and bypass copyright protection. Positive Technologies clarified that the CVE-2021-0146 vulnerability allows activating testing or debugging modes in several lines of Intel processors. This could allow an unauthenticated user with physical access to gain elevated privileges on the system. The issue has been found in the Pentium, Celeron and Atom processors of the Apollo Lake, Gemini Lake and Gemini Lake Refresh platforms, which are used in both mobile computers and embedded systems. The threat affects netbooks and much of the Intel-based Internet of Things (IoT) systems, from home appliances and smart home systems to cars and medical equipment. According to a study by Mordor Intelligence, Intel ranks fourth in the market for chips for the Internet of things, and its IoT processors, the Intel Atom E3900 series, which also contain the CVE-2021-0146 vulnerability, are used by automakers in more than 30 models of cars, including , according to unofficial data, by Tesla in the Tesla Model 3. One example of a real threat is lost or stolen laptops containing confidential information in encrypted form,” explained Mark Ermolov. - Using this vulnerability, an attacker can extract the encryption key and gain access to information inside the laptop. The bug can also be exploited in targeted attacks across the

  3. https://www.briskinfosec.com supply chain. For example, an employee of an Intel processor-based device vendor could theoretically extract the Intel CSME firmware key and deploy spyware that would not be detected by security software. This vulnerability is also dangerous in that it allows you to extract the root encryption key used in Intel PTT (Platform Trust Technology) and Intel EPID (Enhanced Privacy ID) technologies in systems for protecting digital content from illegal copying Technically, the vulnerability is due to overprivileged debugging functionality that is not properly protected. To eliminate the discovered vulnerability, it is necessary to install UEFI BIOS updates published by the end manufacturers of electronic equipment (laptops or other devices), the company said.

More Related