We don’t usually talk about low performance cores from Intel, as these tend to go towards embedded systems or low power laptops which are usually not very interesting and their performance for years has been very poor which is why led to PostPC devices with ARM processor-based processors have taken their place. Well, a vulnerability has been found in said Intel processors.
A CPU today is an extremely complex part and the higher it is, the more likely it is to appear to be faulty. Some of these are architecture or performance failures that are detected during the chip design period, but others, like security holes, take time to find and there are companies. who are dedicated to it exclusively. Well, a serious vulnerability has been detected in some very low power Intel processors which is quite serious.
Detect a serious vulnerability in Intel Low Power processors
Specifically, the vulnerabilities were found by Positive Technologies and this is a security breach that the CSME uses to access the keys stored in the CPU and its chipset. The bug that received the reference code CVE-2021-0146, which is used to force the processor into debug mode which gives high privilege levels, which allows to extract very sensitive information from inside the processor. And when we say very sensitive, we mean the keys and passwords used by the user.
The solution to this problem? Apparently, a UEFI update can fix this serious vulnerability which affects some Intel processors. Which processors are affected? Well, those with Goldmont and Goldmont Plus cores, which include multiple processors under the Apollo Lake and Gemini Lake architectures. Among them is the Atom E3900, which is used in 30 cars including the Tesla Model 3.
However, the problem requires physical access to the processor for this to happen, so it does not remotely affect the CPU, however it can be a problem if the PC is stolen and especially the car using them, as it allows them to to easily flip keys from debug mode to another computer. As of now, companies like Dell, HP, and Lenovo have already released their fixes, so if you’re concerned you should take a look at driver updates for your hardware.
Debugging mode is usually hidden
This elevated privilege mode is not usually available for any software that is running on a processor, but it is used during performance testing on the end processor to verify the operation of each of the instructions that it should follow. It works no different than when we debug a program in a source code to binary compiler.
So for someone other than Intel’s engineers to have physical access to debug mode is a big mistake on Intel’s part even though it is an oversight.