Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Intel® Active Management Technology (AMT) - Escalation of Privilege Vulnerability

Number: AV17-060
Date: 3 May 2017

Purpose

The purpose of this advisory is to bring attention to a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in Intel® Active Management Technology, Intel® Small Business Technology, and Intel® Standard.

Assessment

CCIRC is aware of an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs.

Suggested action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

INTEL-SA-00075: Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Date modified: