Today, the United States Computer Emergency Readiness Team (US-CERT) posted about a security bulletin that Intel released, which addresses vulnerabilities in the firmware of Management Engine, Server Platform Services, and Trusted Execution Engine. According to US-CERT, a hacker could use these to take control of your system.
The issue affects a wide range of Intel products, including 6th- (Skylake), 7th- (Kaby Lake), and 8th-generation (Kaby Lake R) Core chips, along with Xeon E3-1200 v5 and v6, Xeon Scalable family, and Xeon W family. Lower-powered chips are also affected, including Apollo Lake Atom and Pentium chips, as well as Celeron N and J processors.
Intel Manageability Engine versions 11.0.x.x, 11.5.x.x, 11.6.x.x, 11.7.x.x, 11.10.x.x, and 11.20.x.x include the following exploits:
| CVE ID | CVE Title | CVSSv3 Vectors |
|---|---|---|
| CVE-2017-5705 | Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. |
8.2 High AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2017-5708 | Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector. |
7.5 High AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
| CVE-2017-5711 | Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege. |
6.7 Moderate AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| CVE-2017-5712 | Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. |
7.2 High AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Versions 8.x, 9.x, and 10.x are also affected, but only include the latter two issues. Server Platform Service 4.0.x.x contains the following vulnerabilities:
| CVE ID | CVE Title | CVSSv3 Vectors |
|---|---|---|
| CVE-2017-5706 | Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code. |
CVSS 8.2 High AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2017-5709 | Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector. |
CVSS 7.5 High AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
Finally, Trusted Execution Engine version 3.0.x.x includes similar vulnerabilities to those listed for Server Platform Service.
Intel is offering a Detection Tool that you can use to find out if your PC is affected by these issues. Of course, it's also recommended that you check with your OEM for updated firmware for your device. To find out the version that you need to be secure, you can find Intel's list here.
9 Comments - Add comment