Intel fixes critical flaw in corporate remote management platform

CyberPanther

Level 6
Thread author
Verified
Well-known
Oct 1, 2019
295
Intel today addressed nine security vulnerabilities with the release of the September 2020 Platform Update, one of them being a critical flaw impacting the Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms.

Intel ATM is part of the Intel vPro platform, which spans Intel Core vPro and Intel Xeon processors, and it is primarily used by IT Ops teams for remotely discovering, repairing, and managing networked corporate systems.

These issues were detailed in five security advisories published by Intel on its Product Security Center, with fixes addressing them having been delivered to customers via the Intel Platform Update (IPU) process before disclosure.

Intel also provides lists of affected products and support for vulnerable products at the end of each advisory, together with contact details for reporting other security issues found to affect Intel products or tech.

Intel AMT remote privilege escalation
The AMT vulnerability tracked as CVE-2020-8758 is rated by Intel as a critical severity security issue with a CVSS base score of 9.8 and it may allow escalation of privilege on vulnerable systems following successful exploitation.

The vulnerability is due to improper buffer restrictions in the network subsystem and it could allow unauthenticated attackers to "escalate privileges on AMT provisioned systems across the corporate network."
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top