Intel announces security vulnerability in many of its modern processors

Today, the United States Computer Emergency Readiness Team (US-CERT) posted about a security bulletin that Intel released, which addresses vulnerabilities in the firmware of Management Engine, Server Platform Services, and Trusted Execution Engine. According to US-CERT, a hacker could use these to take control of your system.

The issue affects a wide range of Intel products, including 6th- (Skylake), 7th- (Kaby Lake), and 8th-generation (Kaby Lake R) Core chips, along with Xeon E3-1200 v5 and v6, Xeon Scalable family, and Xeon W family. Lower-powered chips are also affected, including Apollo Lake Atom and Pentium chips, as well as Celeron N and J processors.

Intel Manageability Engine versions 11.0.x.x, 11.5.x.x, 11.6.x.x, 11.7.x.x, 11.10.x.x, and 11.20.x.x include the following exploits:

CVE ID CVE Title CVSSv3 Vectors
CVE-2017-5705 Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.

8.2 High

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2017-5708 Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.

7.5 High

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

CVE-2017-5711 Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

6.7 Moderate

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2017-5712 Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

7.2 High

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H


Versions 8.x, 9.x, and 10.x are also affected, but only include the latter two issues. Server Platform Service 4.0.x.x contains the following vulnerabilities:

CVE ID CVE Title CVSSv3 Vectors
CVE-2017-5706 Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

CVSS 8.2 High

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE-2017-5709 Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.

CVSS 7.5 High

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N


Finally, Trusted Execution Engine version 3.0.x.x includes similar vulnerabilities to those listed for Server Platform Service.

Intel is offering a Detection Tool that you can use to find out if your PC is affected by these issues. Of course, it's also recommended that you check with your OEM for updated firmware for your device. To find out the version that you need to be secure, you can find Intel's list here.

Source: US-CERT | Intel (1) (2)

Report a problem with article
Previous Story

ProtonMail launches encrypted contacts manager

Next Story

iMac Pro could arrive with cellular connectivity for theft protection

9 Comments - Add comment

Advertisement