8th May 2017
|
ISO Quartermaster
|
|
Join Date: Mar 2014
Posts: 628
|
|
Vulnerability in Intel® AMT
INTEL-SA-00075
Intel patches remote hijacking vulnerability that lurked in chips for 7 years
Explained — How Intel AMT Vulnerability Allows to Hack Computers Remotely
What You Need To Know About The Intel AMT Vulnerability
Quote:
May 5, 2017 – Embedi For the first time since Intel made the Intel ME vulnerability known to the public, Embedi has now been granted permission to reveal the technical details publicly. Embedi, which detected the Intel AMT vulnerability in mid-February of this year, feared releasing the details before it was fixed would spark attacks on Intel AMT business users. Intel representatives were informed in March
The Intel AMT vulnerability is the first of its kind. The exploitation allows an attacker to get full control over a business computers, even if they are turned off (but still plugged into an outlet). We really hope by bringing this to light, it will raise awareness about security issues in firmware and avoid possible issues in the future.
By nature, the Intel AMT exploitation bypasses authentication. In other words, an attacker may now credentials and still be able to use the Intel AMT functionality. Access to ports 16992/16993 are the only requirement to perform a successful attack.
|
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
|