
Researchers discover security flaw on some Intel processors that allows firmware to bypass security

This is why firmware updates exist.

A flaw has been discovered in certain Intel chips that allows an attacker with physical access to the computer (a scenario known as an “evil maid attack”) to install malicious firmware onto the chip. The flaw was noted by Mark Ermolov, Dmitry Sklyarov (both from Positive Technologies) and Maxim Goryachy (an independent researcher).

The flaw, tracked as CVE-2021-0146, is found in Pentium, Celeron, and Atom CPUs on the Apollo Lake, Gemini Lake, and Gemini Lake Refresh platforms. The attacker could use debug and testing modes to extract the decryption key from the TPM module. If TPM is also used to store a Windows BitLocker key, that can also be bypassed. Then, malicious firmware could be installed on the chip as a permanent backdoor.

According to Ermolov:

The vulnerability is a debugging functionality with excessive privileges, which is not protected as it should be. To avoid problems in the future and prevent the possible bypassing of built-in protection, manufacturers should be more careful in their approach to security provision for debug mechanisms.

The flaw can affect a wide range of devices with these processors, such as cars, notebooks, medical equipment, home appliances, and various Internet of Things (IoT) products.

Intel has stated that the company is actively working to patch the vulnerability, so make sure you install the latest software or firmware updates for your devices.

It’s unknown exactly which Macs are affected by this.

Stay tuned for additional details as they become available.

Via The Mac Observer and Intel