Intel representatives recommended updating the BIOS firmware to protect against three new vulnerabilities. It is reported by the Bleeping Computer edition.
A couple of dangerous vulnerabilities appear under the names CVE-2021-0157 and CVE-2021-0158 and have a rating of 8.2 points according to the CVSSv3 standard. With their help, attackers can gain a high level of privileges on the device, which can lead to equipment compromise. The first vulnerability found is related to the distribution of control flows, the second – to an error when validating input.
According to Intel, the vulnerabilities apply to processors of the Xeon E, Xeon W, Celereon N, Pentium Silver, Core 7, 10 and 11 generations families, as well as other lines. The company advised to fix the vulnerabilities by updating the BIOS.
The third vulnerability, CVE-2021-0146, is related to vehicles equipped with Intel processors. It allows you to get a high level of privileges during the debugging process.
Despite the high level of severity, the vulnerability can only be exploited through direct contact with the processor. However, hackers can hack into devices locally and then control the equipment remotely.
At the end of the summer, security experts revealed a new way to hack AMD processors. Hacking is based on forced data exchange between microarchitectural elements of chips.