2 comments

[ 4.6 ms ] story [ 19.8 ms ] thread
> Summary:

> Potential security vulnerability in Intel® Active Management Technology (AMT), and Intel® Standard Manageability (ISM) may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability.

> CVSS Vector (Provisioned, unauthenticated, network):

> CVSS Base Score: 9.8 Critical

So this sounds like a network accessible attack and RCE on the AMT system itself.

Apparently only for devices that are set up for such management, but that would still mean many corporate machines as I inderstand AMT.

This seems less than optimal.