Intel Confirms Vulnerability In Intel AMT/ME
Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability are subject to a hole allowing an unprivileged attacker to gain control of the management features for these products. The issue was made public today via INTEL-SA-00075.
For those with AMT enabled on their systems, it can affect supported processors going back to 2008 when AMT6 debuted -- thus the vulnerability covers from Nehalem to Kabylake CPUs.
More details via Intel's security statement and have begun offering updated firmware to system providers to address the issue. Intel has also published a mitigation guide.