
Intel-SA-00404: Intel AMT and Intel ISM Advisory - jlgaddis
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.html
======
jlgaddis
> _Summary:_

> _Potential security vulnerability in Intel® Active Management Technology
> (AMT), and Intel® Standard Manageability (ISM) may allow escalation of
> privilege. Intel is releasing firmware updates to mitigate this potential
> vulnerability._

> _CVSS Vector (Provisioned, unauthenticated, network):_

> _CVSS Base Score: 9.8 Critical_

------
olliej
So this sounds like a network accessible attack and RCE on the AMT system
itself.

Apparently only for devices that are set up for such management, but that
would still mean many corporate machines as I inderstand AMT.

This seems less than optimal.

