Professional Documents
Culture Documents
Intel Patches Remote Hijacking Vulnerability That Lurked in Chips For 7 Years - Ars Technica
Intel Patches Remote Hijacking Vulnerability That Lurked in Chips For 7 Years - Ars Technica
Intel patches
remote hijacking
vulnerability that
lurked in chips for
7 years
Flaw in remote management feature gives
attackers a way to breach networks.
DAN GOODIN - 5/2/2017, 1:55 AM
Intel
Enlarge
There is an escalation of
privilege vulnerability in
Intel® Active Management
Technology (AMT), Intel®
Standard Manageability
(ISM), and Intel® Small
Business Technology
versions firmware versions
6.x, 7.x, 8.x 9.x, 10.x, 11.0,
11.5, and 11.6 that can
allow an unprivileged
attacker to gain control of
the manageability features
provided by these
products. This
vulnerability does not exist
on Intel-based consumer
PCs.
Technology is not
vulnerable to the first
issue.
An unprivileged
network attacker
could gain system
privileges to
provisioned Intel
manageability SKUs:
Intel® Active
Management
Technology (AMT)
and Intel® Standard
Manageability (ISM).
CVSSv3 9.8
Critical
/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An unprivileged local
attacker could
provision
manageability
features gaining
unprivileged
network or local
system privileges on
Intel manageability
SKUs: Intel® Active
Management
Technology (AMT),
Intel® Standard
Manageability (ISM),
and Intel® Small
Business Technology
(SBT).
CVSSv3 8.4
High
/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Enlarge
Promoted
Comments
M@yeulC / Smack-Fu JUMP TO
Master, in training
POST
DAN GOODIN
Dan is the Security Editor at
Ars Technica, which he joined
in 2012 after working for The
Register, the Associated
Press, Bloomberg News, and
other publications.
EMAIL
dan.goodin@arstechnica.com
// TWITTER @dangoodin001
Related Stories
https://arstechnica.com/information-technology/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/ Pagina 7 van 8
Intel patches remote hijacking vulnerability that lurked in chips for 7 years | Ars Technica 24-02-18 11(24
Related Stories
Today on Ars
CNMN Collection
WIRED Media Group
Use of this Site constitutes acceptance of our User Agreement (effective 1/2/14) and Privacy Policy (effective 1/2/14), and Ars
Technica Addendum (effective 5/17/2012). View our Affiliate Link Policy. Your California Privacy Rights. The material on this site
may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Condé
Nast.