Intel Active Management Technology vulnerability alert
Intel AMT is called Intel Active Management Technology. It is a system integrated into the chip and did not depend on a specific operating system. This is the most significant difference between Intel AMT and remote control software. Remote management is possible with this technology even if the computer is off or the operating system is down.
Intel recently updated Intel Active Management Technology and patched three patches, numbered CVE-2018-3628, CVE-2018-3629, CVE-2018-3632. AMT technology is enabled on PC devices that use Intel processors. IoT devices, workstations, and servers with AMT firmware versions between 3.x and 11.x are affected by this vulnerability.
The 360-CERT team has evaluated that the vulnerability risk level is important and recommends that users defend against the relevant fix suggestions.
CVE-2018-3628: A buffer overflow vulnerability exists in the Http handler of the AMT module in Intel Converged Security Manageability Engine (CSME) firmware. An attacker can initiate an attack by constructing a malicious HTTP request to control vulnerability in the LAN. Machine to execute malicious code.
Severity: high
Affected firmware version: 3.x to 11.x
CVE-2018-3629: A buffer overflow vulnerability exists in the Event handler for the AMT module in Intel Converged Security Manageability Engine (CSME) firmware. An attacker can construct malicious code to cause a denial of service to the target.
Severity: high
Affected firmware version: 3.x to 11.x
CVE-2018-3632: A memory corruption vulnerability exists in the AMT module on Intel Converged Security Manageability Engine (CSME) firmware, which allows an attacker to construct malicious code for local code lifting.
Severity: Medium
Affected firmware version: 6.x/7.x/8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20
AMT technology is enabled on PC devices that use Intel processors. IoT devices, workstations, and servers with AMT firmware versions between 3.x and 11.x are affected.
The affected CPU models are as follows:
- Intel® Core™ 2 Duo vPro™ and Intel® Centrino™ 2 vPro™
- 1st, 2nd, 3rd, 4th, 5th, 6th, 7th, & 8th Generation Intel® Core™ Processor Family
- Intel® Xeon® Processor E3-1200 v5 & v6 Product Family (Greenlow)
- Intel® Xeon® Processor Scalable Family (Purley)
- Intel® Xeon® Processor W Family (Basin Falls)
Fix
| Associated CPU Generation | Resolved Firmware versions or higher |
|---|---|
| 4th Generation Intel® Core™ Processor Family | Intel® CSME 9.1.43 Intel® CSME 9.5.63 |
| 5th Generation Intel® Core™ Processor Family | Intel® CSME 10.0.57 |
| 6th Generation Intel® Core™ Processor Family | Intel® CSME 11.8.50 |
| 7th Generation Intel® Core™ Processor Family | Intel® CSME 11.8.50 |
| 8th Generation Intel® Core™ Processor Family | Intel® CSME 11.8.50 |
| Intel® Xeon® Processor E3-1200 v5 & v6 Processor Family | Intel® CSME 11.8.50 |
| Intel® Xeon® Processor Scalable Family | Intel® CSME 11.21.51 |
| Intel® Xeon® Processor W Family | Intel® CSME 11.11.50 |
