Intel Fixes Critical Flaw in Corporate Remote Management Platform
Image: Intel
Intel today addressed nine security vulnerabilities with the release of the September 2020 Platform Update, one of them being a critical flaw impacting the Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms.
Intel ATM is part of the Intel vPro platform, which spans Intel Core vPro and Intel Xeon processors, and it is primarily used by IT Ops teams for remotely discovering, repairing, and managing networked corporate systems.
These issues were detailed in five security advisories published by Intel on its Product Security Center, with fixes addressing them having been delivered to customers via the Intel Platform Update (IPU) process before disclosure.
Intel also provides lists of affected products and support for vulnerable products at the end of each advisory, together with contact details for reporting other security issues found to affect Intel products or tech.
Intel AMT remote privilege escalation
The AMT vulnerability tracked as CVE-2020-8758 is rated by Intel as a critical severity security issue with a CVSS base score of 9.8 and it may allow escalation of privilege on vulnerable systems following successful exploitation.
The vulnerability is due to improper buffer restrictions in the network subsystem and it could allow unauthenticated attackers to “escalate privileges on AMT provisioned systems across the corporate network.”
“For customers using Intel vPro systems that do not have AMT provisioned, an authenticated user with local access to the system may still be able to escalate privileges,” Intel’s Director of Communications Jerry Bryant said.
“If the platform is configured to use Client Initiated Remote Access (CIRA) and environment detection is set to indicate that the platform is always outside the corporate network, the system is in CIRA-only mode and is not exposed to the network vector.”
All Intel AMT and Intel ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68, and 14.0.39 are vulnerable to CVE-2020-8758 attacks. Fortunately, the vulnerability is not currently being exploited in the wild according to Bryant.
In June, Intel patched two other critical AMT privilege escalation vulnerabilities with 9.8 CVSS ratings (CVE-2020-0594 and CVE-2020-0595), affecting non-standard configurations where AMT was configured to use Internet Protocol version 6 (IPv6).
Also read: Personal Data Websites: 3 Things That You Must Be Informed
September 2020 Intel Platform Update advisories
Today’s Intel security advisories are listed in the table below, with info on their CVSS range severity rating to help users prioritize patch deployment.
Intel recommends checking the download links provided within the advisories or checking with your system manufacturers and OS vendors to learn how to obtain these updates.
| Advisory | Advisory ID | Severity rating | CVSS Range |
| Intel AMT and Intel ISM Advisory | INTEL-SA-00404 | CRITICAL | 7.8-9.8 |
| Intel Driver & Support Assistant Advisory | INTEL-SA-00405 | MEDIUM | 4.4 |
| Intel BIOS Advisory | INTEL-SA-00356 | MEDIUM | 2.0-5.1 |
| Intel BIOS Advisory | INTEL-SA-00347 | HIGH | 5.5-7.6 |
A full list of computer manufacturer support sites from where you can obtain most updates can be found here.
Intel is not aware of any of the issues addressed today being actively exploited in the wild but customers are still advised to install the security updates released today as soon as possible to block future attacks.
Also read: Computer Misuse Act Singapore: The Truth And Its Offenses
0 Comments