The Intel Corporation has identified eight separate vulnerabilities in its Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE). These vulnerabilities have the potential to affect any devices that make use of Intel’s affected processors, including PCs, servers and IoT platforms. Successful exploitation of these vulnerabilities may allow for elevation of privileges, remote admin access, unauthorized code execution or it may cause systems to crash or become unstable.

 

What you should do about it

  • System administrators should use the downloadable detection tool provided by Intel to check for affected products [1].
  • After completing a business impact review, apply manufacturer updates as they become available.

 

Additional information

These vulnerabilities are not currently being exploited in the wild. Any successful attack that exploits these vulnerabilities would require an advanced skill level.

For a full list of CVEs and additional technical details, please see below [2]:

Affected Products:

  • 6th, 7th & 8th Generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon® Processor W Family
  • Intel® Atom® C3000 Processor Family
  • Apollo Lake Intel® Atom Processor E3900 series
  • Apollo Lake Intel® Pentium™
  • Celeron™ N and J series Processors

 

Affected Version

  • ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20
  • SPS Firmware version 4.0
  • TXE version 3.0

 

Additional Sources

[1]https://downloadcenter.intel.com/download/27150

[2]https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

See the latest security advisories

Articles and reports written by eSentire staff and our Threat Intelligence Research Group.

Ready to get started?
We're here to help.

Get Started
Reach out to schedule a meeting and learn more about our Managed Detection and Response, Risk Advisory and Managed Prevention capabilities.