1 min read

Intel Business Chips Sport Decade-Old Vulnerabilities Allow Remote Control

Liviu ARSENE

May 02, 2017

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Intel Business Chips Sport Decade-Old Vulnerabilities Allow Remote Control

A pair of critical privilege escalation vulnerabilities in Intel”s Active Management Technology (AMT), Standard Manageability (ISM), and Small Business Technology (SBT) firmware could allow an unprivileged attacker to remotely gain network or system privileges. Affected chips date back to 2008, when Intel started using the Nehalem architecture.

The Mitigation Guide released by Intel states that companies using the AMT management solution could be remotely or locally exploitable by attackers, and should start by unprovisioning the Intel Manageability SKU clients. Intel also says disabling or removing the Local Manageability Service (LMS) could mitigate the vulnerability.

“Intel highly recommends that the first step in all mitigation paths is to unprovision the Intel manageability SKU to address the network privilege escalation vulnerability,” reads the mitigation guide. “For provisioned systems, unprovisioning must be performed prior to disabling or removing the LMS.”

One way of figuring out if machines have LMS services enabled is to check if the 16992, 16993, 16994, 16995, 623, and 664 ports are listening for instructions from Intel Manageability Engine. These ports can route traffic directly through the firmware, and network hosts listening on these ports could be used by attackers when pivoting their attack.

While consumer Intel chips do not appear affected, Intel advises affected companies to either check with their OEMs for firmware updates or simply adhere to the published mitigation guide. Affected Intel manageability firmware versions range from 6.0 to 11.6, from 1st generation all the way to 7t generation CPUs.

However, with older machines not being supported anymore by manufacturers, it”s likely they won”t receive the firmware update and IT administrators will have to simply follow Intel”s mitigation guideline.

tags


Author


Liviu ARSENE

Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past few years.

View all posts

You might also like

Bookmarks


loader