漏洞类别:Hardware
漏洞等级: 
漏洞信息
A privilege escalation vulnerability resides in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology, which may allow an unprivileged attacker to gain control of the manageability features provided by these products.
Affected Versions:
Intel manageability firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 for Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability.
QID Detection Logic:
Intel AMT when enabled exposes its version remotely on TCP ports 16992, 16993. This QID matches vulnerable versions based on the exposed information.
漏洞危害
An attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).
解决方案
The vendor has released an updated firmware to fix the vulnerability. Please refer to Intel advisory INTEL-SA-00075 for details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论