In Pre-Skylake (ME 11.X) chipsets, it was built on ARC architecture with RT-OS ThreadX, web server, and JavaVM engine running applets in J Executable File Format (JEFF).įigure 1: Architecture of Intel’s Management Engine (recreated original image source: Intel) It’s enough to have the computer’s power supply plugged into the power outlet, or have the battery inside the notebook for this small, silent computer to run in the background. It runs when the computer is in sleep or standby modes, and even when switched off. In a nutshell, Intel ME is a small computer inside the motherboard chipset running independently of the operating system (OS). Computers with the “vPro” (even older ones) have the ME. ![]() Intel ME Platform: An OverviewThis piece of HW and SW is located in Intel chipsets, which started in 82573E known as 945 (ICH7) in 2008, integrated into high-end desktop, notebook, and server chipset families. Blocking or disabling the use of ports 16992-16995, which the vulnerability leverages, is also recommended. Given CVE-2017-5698’s impact, which can be compounded by the other flaws identified in Intel’s latest security advisory, users and system administrators are urged to update and patch their MEs. This security issue was divulged in the research, " Silent Bob is Silent." Compared to the recently identified ME vulnerabilities, CVE-2017-5689 was assigned a CVSSv3 score of 9.8. While there are certain factors and/or triggers for this vulnerability, it can provide attackers administration access and enable them to remotely reset or power off the vulnerable system if exploited successfully. The advisory provides critical ME, Trusted Execution Technology (TXE), and Server Platform Services (SPS) firmware updates for versions 8.X-11.X covering multiple CVE IDs, with CVSS scores between 6.7 and 8.2.īut there is also another notable vulnerability that can pose a bigger risk especially to corporate computers and networks: CVE-2017-5689, a privilege escalation flaw. ![]() ![]() ![]() Intel recently released a security advisory detailing several security flaws in its Management Engine (ME).
0 Comments
Leave a Reply. |