Intel Fixes Remote Code-Execution Hole

Tuesday, May 2, 2017 @ 03:05 PM gHale


Intel patched a vulnerability that has been in its processors for almost 10 years.

The vulnerability is in its Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability. This is technology in computers running vPro processors bought by business customers and used to administer large fleets of computers.

RELATED STORIES
Hackers Jump on Patched Zero Day
Exploit Attacks Growing, More Effective
Workers Workaround Security Rules: Report
Firewall Configuration Key to Consistent Security

The vulnerability ended up labeled by Intel as critical.

“There is an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs,” according to the Intel advisory.

The vulnerability could end up exploited in two ways: Through an unprivileged network attacker who gains system privileges to provisioned Intel manageability SKUs and through an unprivileged local attacker that could provision manageability features and gain unprivileged network or local system privileges on the three affected tools.

While the vulnerability is problematic, for an attacker to succeed, the Windows software called Local Manageability Service would have to be running too. In short, only servers running that service with the port reachable end up exposed to remote code execution.



Leave a Reply

You must be logged in to post a comment.