Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces.

Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service.