Intel has released patches for multiple vulnerabilities that includes a series of high-severity vulnerabilities in the BIOS firmware of several processor models.
This parch release includes a total of nine high severity issues impact multiple Intel Xeon, Pentium Silver, Rocket Lake Xeon, Core, and Core X series processors.
The most severe of these are four bugs that could lead to elevation of privilege via local access. Tracked as CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, and CVE-2021-0190, with a CVSS score of 8.2.
The remaining five high severity flaws could lead to escalation of privilege via local access as well, but have slightly lower CVSS scores.
Intel also releases patches for bugs persisted in Boot Guard and Trusted Execution Technology (TXT). Tracked as CVE-2022-0004 with a CVSS score of 7.3, exploited to elevate privileges on a vulnerable system.
The issue impacts several Intel processor models, including the latest three generations of Intel Core processors, some Celeron, Atom, Pentium, Xeon, Gold, and Silver models, and multiple chipset series.
It is recommended updating the Intel Converged Security and Management Engine (CSME) to the latest version, disabling the CPU debug feature when Boot Guard is enabled, and disabling the Bootstrap Processor.
Intel also patches high-severity security holes in NUC firmware, and In-Band Manageability software, as well as for medium-severity issues in Advisor, XTU, Killer Control Center, Manageability Commander, and the SGX platform.