Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

Intel AMT Hit By Another "Critical" Security Vulnerability

Written by Michael Larabel in Intel on 8 September 2020 at 02:39 PM EDT. 8 Comments

INTEL

Intel's September 2020 security advisories were posted today and include four security advisories around nine vulnerabilities.

Details on some of the vulnerabilities still aren't loading yet but INTEL-SA-00404 is the most significant this month and it's another Intel AMT/ISM advisory ranked "critical". INTEL-SA-00404 sadly isn't the first major AMT/ISM vulnerability but at least the second AMT vulnerability of the year scoring a CVSS 9.8 out of 10 that is classified as critical.

Today's disclosure around Active Management Technology and Intel Standard Manageability is around privilege escalation and requires updated firmware to mitigate.

The advisory explains, "Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access."

8 Comments

Related News

Intel Lands "Round Robin Strict" Driver Optimization For Helping Battlemage/Xe2

Intel Looking To Raise SPIR-V Backend To Becoming An Official LLVM Target

Intel Panther Lake & Clearwater Forest Power Management Patches For Linux 6.14

Intel Begins Readying Graphics Driver Changes For The Linux 6.14 Kernel

UMD Direct Submission "Proof Of Concept" For The Intel Xe Linux Driver

Intel Linux Display Driver Being Adapted For DRM Panic "Blue Screen of Death" Support

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts

Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels

How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs

Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd

Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal

COSMIC Alpha 4 Released For System76's Rust-Based Desktop

GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd

KDE Starts December By Landing A Number Of New Features