More Information:

• INTEL-SA-00525 – Intel BSSA (BIOS Shared SW Architecture) DFT Advisory
  • Summary: A potential security vulnerability in the customer build time configuration for the Intel BIOS Shared SW Architecture (BSSA) Design for Test (DFT) feature may allow escalation of privilege. Intel is releasing detailed guidance to address this potential vulnerability.
  • Severity: High

This Security advisory does not affect Supermicro BIOS. BSSA-related items are hidden and default setting is “disable”, so SMCI BIOS is not affected. Intel will be releasing guidelines on how to mitigate this vulnerability, but not the microcode.

Additional Resources

• Intel Security Advisory Intel-SA-00525
  • CVE-2021-0144
    • Description: Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.