Intel ID: INTEL-SA-00152
Product family: 4th Gen Intel® Core™ Processor, 5th Gen Intel® Core™ Processor, 6th Gen Intel® Core™ Processor, and 7th Gen Intel® Core™ Processor
Impact of vulnerability: Escalation of Privilege
Severity rating: Important
Original release: 07/10/2018
Last revised: 07/10/2018

Summary:
Potential security vulnerability allowing bypass of firmware authentication and incorrect TPM measurement of system firmware.

Description:
Platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), and 7th Gen Intel® Core™ Processor (Kaby Lake) contains a logic error potentially allowing a physical attacker to bypass firmware authentication.

• High - 7.6 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Logic error in platform sample code firmware included with 4th Gen Intel® Core™ Processor (Haswell), 5th Gen Intel® Core™ Processor (Broadwell), 6th Gen Intel® Core™ Processor (Skylake), and 7th Gen Intel® Core™ Processor (Kaby Lake) potentially allows a physical attacker to exploit incorrect TPM measurement of system firmware.

• Medium 6.8 - CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products:
• 4th Gen Intel® Core™ Processor
• 5th Gen Intel® Core™ Processor
• 6th Gen Intel® Core™ Processor
• 7th Gen Intel® Core™ Processor

Recommendations:
Intel released updated firmware to address this issue and recommends that end-users contact their system manufacturers for updated system firmware.

Revision History

Revision Date Description
1.0 07/10/2018 Initial Release

Source: INTEL-SA-00152