Intel AMT Escalation of Privilege Vulnerability

Last Update Date: 5 May 2017 09:26 Release Date: 5 May 2017 3452 Views

RISK: Medium Risk

TYPE: Operating Systems - Others OS

A vulnerability has been identified in Intel Active Management Technology (AMT), which can be exploited by remote attacker to conduct elevation of privilege on the target system.

Impact

Elevation of Privilege

System / Technologies affected

Intel manageability firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6 for Intel® Active Management Technology, Intel® Small Business Technology, and Intel® Standard Manageability

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued a fix:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Workaround:

Please disable AMT if patch cannot be applied. Please refer to Intel documentation on detection of AMT and mitigation:
https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf

Vulnerability Identifier

CVE-2017-5689

Intel AMT Escalation of Privilege Vulnerability

Impact

System / Technologies affected

Solutions

Vulnerability Identifier

Source

Related Link