Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00528
HistoryNov 09, 2021 - 12:00 a.m.

Intel® Processor Advisory

2021-11-0900:00:00
Intel Security Center
www.intel.com
49
JSON

Summary:

A potential security vulnerability in some Intel® Processors may allow escalation of privilege.** **Intel is releasing firmware updates to mitigate this potential vulnerability.

Vulnerability Details:

CVEID: CVE-2021-0146

Description: Hardware allows activation of test or debug logic at runtime for some Intel® processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 7.1 High

CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H****

Affected Products:

Segment

|

Chipset/SOC or Processor

|

CPU ID

|

Platform ID

—|—|—|—

Desktop, Mobile

|

Intel® Pentium® Processor J Series, N Series

Intel® Celeron® Processor J Series, N Series

Intel® Atom® Processor A Series

Intel® Atom® Processor E3900 Series

|

506C9

|

3

Embedded

|

Intel® Pentium® Processor N Series

Intel® Celeron® Processor N Series

Intel® Atom® Processor E3900 Series

|

506CA

|

3

Desktop, Mobile

|

Intel® Pentium® Processor Silver Series/ J&N Series​

|

706A1

|

1

Desktop, Mobile

|

Intel® Pentium® Processor Silver Series/ J&N Series​ - Refresh

|

706A8

|

1

Embedded

|

Intel® Atom® Processor C3000

|

506F1

|

1

Recommendations:

Intel recommends that users of affected Intel® Processors update to the latest version provided by the system manufacturer that addresses these issues.

Acknowledgements:

This vulnerability was researched and reported by Mark Ermolov and Dmitry Sklyarov (Positive Technologies) and Maxim Goryachy (independent).

Intel would like to thank its employees Chandni Bhowmik and Ilya Wagner for identifying and developing the Proof of Concept (POC) for CVE-2021-0146 on Intel® Pentium® Processor Silver Series/ J&N Series and Intel® Pentium® Processor Silver Series/ J&N Series Refresh Processor Family.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

cve 1
broadcom 1
redhatcve 1
osv 3
debiancve 1
prion 1
alpinelinux 1
threatpost 5
veracode 1
ubuntucve 1
nessus 10
gentoo 1
amazon 1
hp 1
f5 1
openvas 8
mageia 1
suse 1
ics 1
ubuntu 2
cloudfoundry 1
cve
cve
CVE-2021-0146
2021-11-17 20:15:00
broadcom
broadcom
Hardware allows activation of test or debug logic
2023-08-01 00:00:00
redhatcve
redhatcve
CVE-2021-0146
2021-11-10 09:58:38
osv
osv
CVE-2021-0146
2021-11-17 20:15:09
intel-microcode vulnerabilities
2022-06-20 04:21:50
Intel Microcode vulnerabilities
2022-07-28 05:31:23
debiancve
debiancve
CVE-2021-0146
2021-11-17 20:15:00
prion
prion
Design/Logic Flaw
2021-11-17 20:15:00
alpinelinux
alpinelinux
CVE-2021-0146
2021-11-17 20:15:00
threatpost
threatpost
Top 10 Cybersecurity Best Practices to Combat Ransomware
2021-11-12 20:24:24
Mac Zero Day Targets Apple Devices in Hong Kong
2021-11-12 18:05:02
High-Severity Intel Processor Bug Exposes Encryption Keys
2021-11-15 20:52:27
veracode
veracode
Privilege Escalation
2022-03-12 09:25:30
ubuntucve
ubuntucve
CVE-2021-0146
2021-11-17 00:00:00
nessus
nessus
Amazon Linux 2 : microcode_ctl (ALAS-2022-1762)
2022-03-08 00:00:00
GLSA-202402-22 : intel-microcode: Multiple Vulnerabilities
2024-02-20 00:00:00
SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2022:0576-1)
2022-02-26 00:00:00
gentoo
gentoo
intel-microcode: Multiple Vulnerabilities
2024-02-19 00:00:00
amazon
amazon
Important: microcode_ctl
2022-03-07 23:34:00
hp
hp
Intel 2021.2 IPU – BIOS November 2021 Security Updates
2021-11-09 00:00:00
f5
f5
K12600461 : Multiple Intel CPU vulnerabilities
2021-11-25 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:0574-1)
2022-02-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0576-1)
2022-02-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0575-1)
2022-02-26 00:00:00
mageia
mageia
Updated microcode packages fix security vulnerabilities
2022-02-15 23:50:31
suse
suse
Security update for ucode-intel (important)
2022-02-25 00:00:00
ics
ics
Mitsubishi Electric Factory Automation Products
2023-05-02 12:00:00
ubuntu
ubuntu
Intel Microcode vulnerabilities
2022-06-20 00:00:00
Intel Microcode vulnerabilities
2022-07-28 00:00:00
cloudfoundry
cloudfoundry
USN-5486-1: Intel Microcode vulnerabilities | Cloud Foundry
2022-06-30 00:00:00
JSON
Related for INTEL:INTEL-SA-00528
cve1broadcom1redhatcve1osv3debiancve1prion1alpinelinux1threatpost5veracode1ubuntucve1nessus10gentoo1amazon1hp1f51openvas8mageia1suse1ics1ubuntu2cloudfoundry1