Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00609
HistoryMar 08, 2022 - 12:00 a.m.

Intel® Trace Hub Advisory

2022-03-0800:00:00
Intel Security Center
www.intel.com
16

0.001 Low

EPSS

Percentile

24.4%

JSON

Summary:

A potential security vulnerability in some Intel® Trace Hub instances may allow escalation of privilege.** Intel is releasing prescriptive guidance to address this potential vulnerability.**

Vulnerability Details:

CVEID: CVE-2021-33150

Description: Hardware allows activation of test or debug logic at runtime for some Intel® Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products:

6th Gen Intel® Core™ Processors

7th Gen Intel® Core Processors

8th Gen Intel® Core™ Processors

10th Gen Intel® Core™ Processors

Intel Atom® processor A series

Intel Atom® processor C3000 Automated Driving series

Intel Atom® processor C3000 series

Intel Atom® processor X E3900 series

Intel® 100 series chipset

Intel® 200 series chipset

Intel® 300 series chipset

Intel® C230 series chipset

Intel® C240 series chipset

Intel® C420 chipset

Intel® C620 series chipset

Intel® Celeron® Processor 3000 Series (38XX and 39XX)

Intel® Celeron® Processor 4000 Series (42XX and 43XX)

Intel® Celeron® processor J3000/N3000 series

Intel® Celeron® processor J4000/N4000 series

Intel® Pentium® Gold Processor Series (44XX and 65XX)

Intel® Pentium® Gold Processor Series (54XX)

Intel® Pentium® Processor 4000 Series (44XX)

Intel® Pentium® processor J4000/N4000 series

Intel® Pentium® processor J5000/N5000 series

Intel® X299 chipset

Intel® Xeon® D processor 2000 series

Recommendations:

Intel is releasing prescriptive guidance to address this potential vulnerability and will not be providing additional mitigations for these chipset/SOC products.

  • Ensuring all security mitigations provided by Intel are applied and systems are running the latest firmware version available from Intel.
  • Following standard security practices and preventing unauthorized physical access to systems.
  • Intel recommends users follow existing security best practices and alternate security controls.

Acknowledgements:

This vulnerability was researched and reported by Mark Ermolov and Dmitry Sklyarov (Positive Technologies) and Maxim Goryachy (independent).

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

prion 1
f5 1
cve 1
cvelist 1
nvd 1
redhatcve 1
ics 1
prion
prion
Design/Logic Flaw
2022-03-11 18:15:00
f5
f5
K59395527 : Intel processor vulnerability CVE-2021-33150
2022-04-14 00:00:00
cve
cve
CVE-2021-33150
2022-03-11 18:15:20
cvelist
cvelist
CVE-2021-33150
2022-03-11 17:54:37
nvd
nvd
CVE-2021-33150
2022-03-11 18:15:20
redhatcve
redhatcve
CVE-2021-33150
2022-03-16 07:49:04
ics
ics
Mitsubishi Electric Factory Automation Products
2023-05-02 12:00:00

0.001 Low

EPSS

Percentile

24.4%

JSON
Related for INTEL:INTEL-SA-00609
prion1f51cve1cvelist1nvd1redhatcve1ics1