CVE-2021-0060: escalation of privilege in Intel(R) SPS

Severity: Medium
Published: Wed Feb 09 2022 (02/09/2022, 22:04:02 UTC)
Source: CVE
Vendor/Project: n/a
Product: Intel(R) SPS

Description

Insufficient compartmentalization in HECI subsystem for the Intel(R) SPS before versions SPS_E5_04.01.04.516.0, SPS_E5_04.04.04.033.0, SPS_E5_04.04.03.281.0, SPS_E5_03.01.03.116.0, SPS_E3_05.01.04.309.0, SPS_02.04.00.101.0, SPS_SoC-A_05.00.03.114.0, SPS_SoC-X_04.00.04.326.0, SPS_SoC-X_03.00.03.117.0, IGN_E5_91.00.00.167.0, SPS_PHI_03.01.03.078.0 may allow an authenticated user to potentially enable escalation of privilege via physical access.

AI-Powered Analysis

Last updated: 07/06/2025, 20:57:21 UTC

Technical Analysis

CVE-2021-0060 is a vulnerability in the Intel(R) Server Platform Services (SPS) firmware, specifically affecting the Host Embedded Controller Interface (HECI) subsystem. The root cause is insufficient compartmentalization within the HECI subsystem in various versions of Intel SPS firmware prior to the specified updates. The HECI subsystem does not adequately isolate different components or privilege levels, so an authenticated user with physical access to the system can potentially leverage the flaw to gain higher privileges, potentially reaching administrative or system-level control.

The CVSS v3.1 base score is 6.6, indicating a medium severity level. The vector indicates that exploitation requires physical access (AV:P), low attack complexity (AC:L), low privileges (PR:L), no user interaction (UI:N), and impacts confidentiality, integrity, and availability to a high degree (C:H/I:H/A:H).

No exploits in the wild have been reported, and no patches are directly linked in the provided data, though affected versions are clearly identified. This vulnerability is particularly relevant for environments where Intel SPS firmware is deployed, such as server platforms and certain embedded systems, where attackers with physical access could leverage this flaw to compromise system security.

Potential Impact

For European organizations, the impact of CVE-2021-0060 can be significant, especially in sectors relying heavily on Intel-based server infrastructure, such as finance, telecommunications, government, and critical infrastructure. The ability for an attacker with physical access to escalate privileges could lead to unauthorized control over sensitive systems, data breaches, disruption of services, and potential lateral movement within networks. Given the high impact on confidentiality, integrity, and availability, this vulnerability could facilitate advanced persistent threats or insider attacks. The requirement for physical access somewhat limits remote exploitation but does not eliminate risk in data centers, branch offices, or environments where physical security might be less stringent. Additionally, the vulnerability could undermine trust in hardware-based security mechanisms, complicating compliance with European data protection regulations like GDPR, which mandate strict controls over data confidentiality and integrity.

Mitigation Recommendations

Mitigation should focus on a combination of firmware updates, physical security enhancements, and operational controls. Organizations must ensure that all Intel SPS firmware is updated to at least the versions listed in the description, applying vendor-supplied patches promptly once available. Since no direct patch links are provided, coordination with Intel support channels or system vendors is essential to obtain and deploy updates. Enhancing physical security controls to restrict unauthorized access to servers and hardware is critical; this includes secure data center access policies, surveillance, and tamper-evident measures. Additionally, monitoring and auditing of privileged user activities can help detect potential exploitation attempts. Employing hardware-based security features such as Intel Trusted Execution Technology (TXT) or Platform Trust Technology (PTT) may provide additional layers of protection. Finally, organizations should incorporate this vulnerability into their risk assessments and incident response plans, preparing for potential exploitation scenarios.
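
One way to triage a firmware inventory against the fixed builds named in the description (an added example, not Intel's or this site's code). It assumes installed versions are recorded in the same string format as the advisory and that the product family plus the first three numeric fields identify a release branch; the hostnames and installed versions are constructed.

```python
import re

# First fixed builds, copied from the CVE description above.
FIXED_BUILDS = (
    "SPS_E5_04.01.04.516.0", "SPS_E5_04.04.04.033.0", "SPS_E5_04.04.03.281.0",
    "SPS_E5_03.01.03.116.0", "SPS_E3_05.01.04.309.0", "SPS_02.04.00.101.0",
    "SPS_SoC-A_05.00.03.114.0", "SPS_SoC-X_04.00.04.326.0",
    "SPS_SoC-X_03.00.03.117.0", "IGN_E5_91.00.00.167.0", "SPS_PHI_03.01.03.078.0",
)

_NUMERIC = re.compile(r"\d+(?:\.\d+){4}")


def parse(version):
    """Split 'SPS_E5_04.01.04.516.0' into (branch key, build tuple)."""
    family, sep, numeric = version.strip().rpartition("_")
    if not sep or not family or not _NUMERIC.fullmatch(numeric):
        raise ValueError(f"unrecognised SPS version string: {version!r}")
    fields = tuple(int(f) for f in numeric.split("."))
    # Assumption: family + first three fields name the release branch;
    # the last two fields order builds within that branch.
    return (family, fields[:3]), fields[3:]


FIXED_BY_BRANCH = dict(parse(v) for v in FIXED_BUILDS)


def assess(version):
    """Return 'vulnerable', 'fixed', or 'review' for one installed version."""
    branch, build = parse(version)
    fixed = FIXED_BY_BRANCH.get(branch)
    if fixed is None:
        # Branch is not named in the advisory: do not assume it is safe.
        return "review"
    return "vulnerable" if build < fixed else "fixed"


def triage(inventory):
    """Map each host to its status; inventory is {hostname: version string}."""
    return {host: assess(version) for host, version in inventory.items()}


# Constructed inventory for illustration only.
SAMPLE_INVENTORY = {
    "rack1-node01": "SPS_E5_04.01.04.339.0",
    "rack1-node02": "SPS_E5_04.01.04.516.0",
    "edge-gw-07": "SPS_SoC-X_03.00.03.117.0",
    "lab-legacy": "SPS_E5_05.00.00.001.0",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:14} {status}")
```

Hosts marked "review" run a branch the advisory does not list and need a manual check against vendor guidance rather than being treated as unaffected.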

Technical Details

Data Version: 5.1
Assigner Short Name: intel
Date Reserved: 2020-10-22T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d981dc4522896dcbdb290

Added to database: 5/21/2025, 9:08:45 AM

Last enriched: 7/6/2025, 8:57:21 PM

Last updated: 8/16/2025, 4:31:36 AM