Sign-up

ID

VAR-201801-1831


TITLE

Intel AMT has a high-risk security vulnerability

Trust: 0.6

sources: CNVD: CNVD-2018-00925

DESCRIPTION

Intel AMT, the full name of INTEL Active Management Technology (Intel Active Management Technology), is essentially an embedded system integrated in the chipset, independent of the specific operating system. This technology allows administrators to remotely manage and repair networked computer systems, and the implementation process is completely transparent to the client. Intel AMT has high-risk security vulnerabilities. Attackers can use the Intel Management Engine BIOS extension (MEBx) default password \"admin\" to log in, gain full control of the system, steal data, and deploy malware on the device.

Trust: 0.6

sources: CNVD: CNVD-2018-00925

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-00925

AFFECTED PRODUCTS

vendor:intelmodel:amtscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2018-00925

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2018-00925
value: HIGH

Trust: 0.6

CNVD: CNVD-2018-00925
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2018-00925

EXTERNAL IDS

db:CNVDid:CNVD-2018-00925

Trust: 0.6

sources: CNVD: CNVD-2018-00925

REFERENCES

url:https://www.sintonen.fi/advisories/intel-active-management-technology-mebx-bypass.txt

Trust: 0.6

sources: CNVD: CNVD-2018-00925

SOURCES

db:CNVDid:CNVD-2018-00925

LAST UPDATE DATE

2022-05-04T09:17:10.289000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-00925date:2018-01-16T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-00925date:2018-01-15T00:00:00