DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 8th May 2017
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 354
Default Vulnerability in Intel® AMT

INTEL-SA-00075

Intel patches remote hijacking vulnerability that lurked in chips for 7 years

Explained — How Intel AMT Vulnerability Allows to Hack Computers Remotely

What You Need To Know About The Intel AMT Vulnerability

Quote:
May 5, 2017 – Embedi For the first time since Intel made the Intel ME vulnerability known to the public, Embedi has now been granted permission to reveal the technical details publicly. Embedi, which detected the Intel AMT vulnerability in mid-February of this year, feared releasing the details before it was fixed would spark attacks on Intel AMT business users. Intel representatives were informed in March

The Intel AMT vulnerability is the first of its kind. The exploitation allows an attacker to get full control over a business computers, even if they are turned off (but still plugged into an outlet). We really hope by bringing this to light, it will raise awareness about security issues in firmware and avoid possible issues in the future.

By nature, the Intel AMT exploitation bypasses authentication. In other words, an attacker may now credentials and still be able to use the Intel AMT functionality. Access to ports 16992/16993 are the only requirement to perform a successful attack.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
Reply

Tags
intel amt, intel me

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Serious glibc, the GNU C library, vulnerability J65nko News 0 16th February 2016 10:02 PM
Security DoS vulnerability in ModSecurity fixed J65nko News 0 29th May 2013 08:37 AM
Security Critical PHP vulnerability being fixed J65nko News 1 3rd February 2012 01:27 PM
Skype Vulnerability for Mac OSX Users nilsgecko News 0 9th May 2011 01:02 AM
Vulnerability OldCoot OpenBSD Security 5 20th March 2009 07:44 PM


All times are GMT. The time now is 09:16 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick