ADLINK Home Advisory Notes

Advisory note: Intel Firmware vulnerability

Intel published security information about an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology.

Reference:
INTEL-SA-00075O
or CVE-2017-5689O
Intel News: https://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/
US-CERT: https://www.us-cert.gov/ncas/current-activity/2017/05/01/Intel-Firmware-Vulnerability
JPCERT: http://jvn.jp/vu/JVNVU92793783/
Taiwan CERT: https://www.twcert.org.tw/twcert/advdetail/3382
CERT/CC Vulnerability Note VU#491375: http://www.kb.cert.org/vuls/id/491375
Embedi - What You Need Know About Intel Amt Vulnerability: https://www.embedi.com/news/what-you-need-know-about-intel-amt-vulnerability
Tenable Blog -Rediscovering the Intel AMT Vulnerability: https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability

The information below includes a description of the vulnerability and the recommended steps as advised by Intel and ADLINK for affected product lines.

Summary

There is an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs.

Applies to

1.Intel has provided to OEMs updated firmware for all impacted platforms
2. Impacted firmware versions with corresponding resolved firmware are shown on the table below

products

NOTE: Standard Manageability system have a subset of Intel AMT available features.

Download the List of ADLINK Product affected

Recommended steps

Intel has released a downloadable discovery tool located at Intel’s download center (https://downloadcenter.intel.com/download/26755), which will analyze your system for the vulnerability. IT professionals who are familiar with the configuration of their systems and networks can use this tool or can find more details below.

Step 1: (How to identify the product having these potential risks?)

Determine if you have an Intel® AMT, Intel® SBA, or Intel® ISM capable system by those method of website https://communities.intel.com/docs/DOC-5693. If you determine that you do not have an Intel® AMT, Intel® SBA, or Intel® ISM capable system then no further action is required.

Step 2: (How to make sure if the BIOS/ME code of product has been upgraded or not?)
Utilize the Detection Guide to assess if your system has the impacted firmware by download detection tools from Intel’s download center. https://downloadcenter.intel.com/download/26755. If you do have a version in the “Resolved Firmware” column no further action is required to secure your system from this vulnerability.

Step 3: (How to protect your system if the ME/BIOS code was not available to upgrade.)

If you do not have any plan to use those remote management technologies in the future, simply follow Intel’s Mitigation Guide (https://downloadcenter.intel.com/download/26754) to disable OR delete those functions.

Options for mitigation until the firmware update is available are:

Note that capabilities and features provided by AMT, ISM and SBT will be unavailable when these mitigations are implemented. The instructions to implement the mitigation steps are posted on Intel’s website (https://downloadcenter.intel.com/download/26754)

ADLINK Technology, also recommends that these mitigation options be reviewed and considered for older models (pre 2012) as applicable.


ADLINK Facebook ADLINK Google Plus ADLINK Twitter ADLINK Linkedin    Contact Us | Career | Investor Relations | Partner Center | Sitemap |
Copyright © ADLINK Technology Inc., Specification and product names are trademarks or trade names of their respective companies or organizations.