A vulnerability has been revealed in Intel’s Goldmont and Goldmont Plus low-power architectures that could potentially reveal low-level security keys, according to security firm Positive Technologies (via The Register).
The chips in question are Apollo Lake and Gemini Lake (plus Refresh) Atom, Celeron, and Pentium products. They’re all low-power chips used in embedded systems, mobile devices, and cheap laptops. The Atom E3900 is also found in over 30 cars, including the Tesla Model 3 (if you believe a guy on Twitter).
Positive Technologies responsibly disclosed the flaw to Intel (which has put out an advisory) before going public, and it has been assigned the reference CVE-2021-0146. It requires physical access to the computer and sees the chip tricked into entering a test debugging mode that has excessively high privileges, from which root encryption keys can be extracted. “The bug can also be exploited in targeted attacks across the supply chain,” said Positive’s Mark Ermolov in a statement. “For example, an employee of an Intel processor-based device supplier could, in theory, extract the Intel CSME firmware key and deploy spyware that security software would not detect.”
A UEFI BIOS update can plug the security hole, and owners of affected systems are advised to look out for an update from their device’s manufacturer.
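For anyone inventorying Linux machines for the chip families named above, the following added example (not from the article, Intel or Positive Technologies) flags Goldmont and Goldmont Plus CPUs and prints the installed BIOS version and date so they can be compared with the manufacturer's update. The CPUID model numbers are an assumption taken from the Linux kernel's intel-family.h, and the script cannot tell whether the fix is already installed.

```shell
#!/bin/sh
# Added example, not from the article. Assumption: CPUID family 6 model 92 (0x5C)
# is Goldmont (Apollo Lake) and model 122 (0x7A) is Goldmont Plus (Gemini Lake),
# the numbering used in the Linux kernel's intel-family.h.

# classify_cpu FILE: print goldmont, goldmont-plus or not-listed ("-" reads stdin).
classify_cpu() {
    awk -F': *' '
        /^vendor_id/     && !v { v = $2 }
        /^cpu family/    && !f { f = $2 }
        /^model[ \t]*:/  && !m { m = $2 }
        END {
            if (v == "GenuineIntel" && f == 6 && m == 92)       print "goldmont"
            else if (v == "GenuineIntel" && f == 6 && m == 122) print "goldmont-plus"
            else                                                print "not-listed"
        }' "$1"
}

# report_host [CPUINFO] [DMI_DIR]: one inventory line for this host.
report_host() {
    kind=$(classify_cpu "${1:-/proc/cpuinfo}")
    dmi=${2:-/sys/class/dmi/id}
    bios=unknown
    if [ -r "$dmi/bios_version" ] && [ -r "$dmi/bios_date" ]; then
        bios="$(cat "$dmi/bios_version") $(cat "$dmi/bios_date")"
    fi
    if [ "$kind" = not-listed ]; then
        action=none
    else
        action=check-manufacturer-for-uefi-update
    fi
    echo "cpu=$kind bios=\"$bios\" action=$action"
}

# Constructed /proc/cpuinfo excerpt for offline testing (not from a real host).
sample_cpuinfo() {
    printf 'vendor_id\t: GenuineIntel\ncpu family\t: 6\nmodel\t\t: 92\n'
    printf 'model name\t: Constructed Apollo Lake sample\n'
}

# Run with --report to inspect the local machine.
if [ "${1:-}" = "--report" ]; then report_host; fi
```

A host reported as `not-listed` is only outside the two families checked here; the manufacturer's advisory remains the authority on which products are affected.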