Intel Active Management Technology vulnerability alert

Intel AMT is called Intel Active Management Technology. It is a system integrated into the chip and did not depend on a specific operating system. This is the most significant difference between Intel AMT and remote control software. Remote management is possible with this technology even if the computer is off or the operating system is down.

Intel recently updated Intel Active Management Technology and patched three patches, numbered CVE-2018-3628, CVE-2018-3629, CVE-2018-3632. AMT technology is enabled on PC devices that use Intel processors. IoT devices, workstations, and servers with AMT firmware versions between 3.x and 11.x are affected by this vulnerability.

The 360-CERT team has evaluated that the vulnerability risk level is important and recommends that users defend against the relevant fix suggestions.

CVE-2018-3628: A buffer overflow vulnerability exists in the Http handler of the AMT module in Intel Converged Security Manageability Engine (CSME) firmware. An attacker can initiate an attack by constructing a malicious HTTP request to control vulnerability in the LAN. Machine to execute malicious code.

Severity: high

Affected firmware version: 3.x to 11.x

CVE-2018-3629: A buffer overflow vulnerability exists in the Event handler for the AMT module in Intel Converged Security Manageability Engine (CSME) firmware. An attacker can construct malicious code to cause a denial of service to the target.

Severity: high

Affected firmware version: 3.x to 11.x

CVE-2018-3632: A memory corruption vulnerability exists in the AMT module on Intel Converged Security Manageability Engine (CSME) firmware, which allows an attacker to construct malicious code for local code lifting.

Severity: Medium

Affected firmware version: 6.x/7.x/8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20

AMT technology is enabled on PC devices that use Intel processors. IoT devices, workstations, and servers with AMT firmware versions between 3.x and 11.x are affected.

The affected CPU models are as follows:

  • Intel® Core™ 2 Duo vPro™ and Intel® Centrino™ 2 vPro™
  • 1st, 2nd, 3rd, 4th, 5th, 6th, 7th, & 8th Generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family (Greenlow)
  • Intel® Xeon® Processor Scalable Family (Purley)
  • Intel® Xeon® Processor W Family (Basin Falls)

Fix

Users are advised to fine-tune the firmware to the latest version as soon as possible.
Associated CPU GenerationResolved Firmware versions or higher
4th Generation Intel® Core™ Processor FamilyIntel® CSME 9.1.43 Intel® CSME 9.5.63
5th Generation Intel® Core™ Processor FamilyIntel® CSME 10.0.57
6th Generation Intel® Core™ Processor FamilyIntel® CSME 11.8.50
7th Generation Intel® Core™ Processor FamilyIntel® CSME 11.8.50
8th Generation Intel® Core™ Processor FamilyIntel® CSME 11.8.50
Intel® Xeon® Processor E3-1200 v5 & v6 Processor FamilyIntel® CSME 11.8.50
Intel® Xeon® Processor Scalable FamilyIntel® CSME 11.21.51
Intel® Xeon® Processor W FamilyIntel® CSME 11.11.50

Share