Confidential details on Model Specific Registers (MSRs) and other low-level CPU features not found in public documentation. 2. Security Implications
Compilation tools, change logs, and internal scripts used to build and test BIOS images.
The exposure of private keys could theoretically allow attackers to sign malicious firmware that bypasses hardware-level security checks.
Shortly after the leak was discovered, the original GitHub repository and its major mirrors were taken down due to DMCA notices or terms of service violations. Intel integrated the leaked components into its bug bounty program, encouraging researchers to report any flaws found in the code for rewards rather than exploiting them.
Intel confirmed the authenticity of the leak but maintained that it did not immediately expose new vulnerabilities, as their security model does not rely on "security through obscurity". However, security researchers noted several long-term risks:
