We do not usually talk about Intel’s low-performance cores, as these tend to go to low-power embedded systems or notebooks that do not usually have much interest and their performance for years has been very poor, which has led to PostPC devices with ARM-based processors have taken up their space. Well, a vulnerability has been found in these Intel CPUs.
A CPU is today an enormously complex piece and the higher it is, the more likely it is to fail. Some of them are failures at the architecture or performance level that are detected during the design period of the chip, but others, such as security failures, take time to find and there are companies dedicated exclusively to this. Well, a serious vulnerability has been detected in some very low-powered Intel CPUs, which is quite serious.
Detect a serious vulnerability in Intel Low Power CPUs
Specifically, the vulnerabilities have been found by Positive Technologies and it is a security breach that the CSME exploits to gain access to the keys stored within the CPU and its chipset. The failure to which the reference code CVE-2021-0146 has been given, which serves to force the processor into debugging mode which gives high levels of privilege, which allows to extract highly sensitive information from inside the processor. And when we say highly sensitive we mean keys and passwords used by the user.
The solution to this problem? Apparently a UEFI update can fix this serious vulnerability that affects some Intel CPUs. What are the affected processors? Well, those with the Goldmont and Goldmont Plus cores, which includes several processors under the Apollo Lake and Gemini Lake architectures. Among them, the Atom E3900 stands out, which is used in 30 cars including the Tesla Model 3.
However, the problem requires physical access to the processor for this to occur, so it does not remotely affect the CPU, however it can be a problem if the PC is stolen and especially the car that uses it, since it allows them to overturn easily keys from debug mode to another computer. At the moment companies like Dell, HP and Lenovo have already released their patches, so if you are affected you should take a look at the driver updates for your hardware.
Debug mode is usually hidden
This high-privilege mode is not usually available for any software that runs on a CPU, however it is used during performance tests on the final processor to check the operation of each of the instructions works as it should step through He passed. This is no different in operation than when we debug a program in a compiler from source code to binary.
So the fact that someone other than Intel engineers have physical access to debugging mode is a serious mistake on the part of Intel even if it is an oversight.