Intel Management Engine Multiple Vulnerabilities
Last Update Date:
22 Nov 2017 09:48
Release Date:
22 Nov 2017
4551
Views
RISK: Medium Risk
TYPE: Servers - Network Management
Multiple vulnerabilities were identified in Intel Management Engine. A remote authenticated user can perform remote code execution on the target system. A local user can obtain elevated privileges on the target system.
Impact
- Elevation of Privilege
- Remote Code Execution
System / Technologies affected
- 6th, 7th & 8th Generation Intel® Core™ Processor Family
- Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon® Processor W Family
- Intel® Atom® C3000 Processor Family
- Apollo Lake Intel® Atom Processor E3900 series
- Apollo Lake Intel® Pentium™
- Celeron™ N and J series Processors
for detail, please refer to this link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix. (include detection tools):
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
Vulnerability Identifier
Source
Related Link
Share with