CVE-2021-0148

Vulnerability

An insertion of information into a log file vulnerability exists in the firmware for some Intel(R) SSD DC (Data Center) products [1]. A privileged user, specifically one with administrative access to the system, can cause sensitive information to be written into log files. The affected products include certain Intel(R) SSD DC models; the specific firmware versions impacted are detailed in the Intel security advisory INTEL-SA-00535 [1].

Exploitation

To exploit this vulnerability, an attacker must already have privileged access to the target system, such as local administrative credentials or physical access to the command-line interface. No user interaction is required beyond gaining that privilege. The attacker can then trigger the affected firmware code path, for example by configuring logging settings or performing operations that cause the firmware to log data. The log files are accessible to the privileged user via local access, allowing them to view the inserted information [1].

Impact

On successful exploitation, the attacker gains access to sensitive information that was unintentionally written to the log files. This could include system configuration data, cryptographic material, or other secrets, leading to an information disclosure (confidentiality breach). The attacker does not escalate privileges beyond their current level, but the disclosed information might enable further attacks [1].

Mitigation

Intel has released firmware updates to address this issue, as specified in the advisory INTEL-SA-00535 [1]. Affected users should update the firmware of their Intel(R) SSD DC devices to the fixed version indicated in the advisory. For models listed as impacted, the fix is mandatory; no workaround is available. Users are advised to restrict privileged access to only trusted administrators as a general security practice [1].