Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00527.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00525.html