Security News > 2021 > November > Intel's recent Atom, Celeron, Pentium chips can be lulled into a debug mode, potentially revealing system secrets

Certain Intel processors can be slipped into a test mode, granting access to low-level keys that can be used to, say, unlock encrypted data stored in a stolen laptop or some other device.

This vulnerability, identified by Positive Technologies, a security firm just sanctioned by the US, affects various Intel Atom, Celeron, and Pentium chips that were made in the past few years.

It's one of 25 security holes Intel revealed last week.

The insecure chip hardware permits the "Activation of test or debug logic at runtime for some Intel processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access," Intel explained in an advisory, which rates the bug with a CVSS score of 7.1.

The vulnerable Atom, Celeron, and Pentium chips come from Intel's Apollo Lake, Gemini Lake, and Gemini Lake Refresh platforms, which serve as the brains in various desktop, mobile, and embedded systems.

"The bug can also be exploited in targeted attacks across the supply chain. For example, an employee of an Intel processor-based device supplier could, in theory, extract the Intel CSME firmware key and deploy spyware that security software would not detect."

News URL

https://go.theregister.com/feed/www.theregister.com/2021/11/16/intels_chip_flaw/