Intel has released a security advisory that there is potential security vulnerability in Intel® Active Management Technology (AMT), and Intel® Standard Manageability (ISM) may allow escalation of privilege. Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access.  On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.

Intel is releasing firmware updates to mitigate this potential vulnerability and recommends that users of Intel® AMT and Intel® ISM update to the latest version provided by the system manufacturer that addresses these issues.

Affected Products:

• Intel® AMT and Intel® ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39.

Note:  Firmware versions of Intel® AMT 3.x thru 10.x are no longer supported, thus were not assessed for the vulnerabilities/CVEs listed in this Advisory. There is no new release planned for these versions.

Matsco is currently reviewing and monitoring the update to be released by system manufacturers and arrange the patching accordingly for our maintenance contract clients.

Please contact the Matsco Solutions team on the below if you would like any further information.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090