Security News > 2020 > September > Critical Intel Active Management Technology Flaw Allows Privilege Escalation
Intel patched a critical privilege escalation vulnerability in its Active Management Technology, which is used for remote out-of-band management of PCs. AMT is part of the Intel vPro platform and is primarily used by enterprise IT shops for remote management of corporate systems.
The issue, found internally by Intel employees, ranks 9.8 out of 10 on the CVSS scale, making it critical severity, according to Intel in a Tuesday security advisory.
"While we are not aware of the AMT issue being used in active attacks, Intel has provided detection guidance to various security vendors who have released signatures into their intrusion detection/prevention products as an extra measure to help protect customers as they plan their deployment of this update," Jerry Bryant, director of communications with Intel Product Assurance and Security, said in a security advisory posted Tuesday.
The flaw stems from improper buffer restrictions in a third party component network subsystem within Intel AMT. One important factor that impacts how difficult the flaw is to exploit is whether or not AMT is "Provisioned." In order to use AMT, systems must go through a process called "Provisioning." This process is used to connect the computer to a remote computer used to manage it.
Earlier in June, Intel patched two critical flaws exist in the IPv6 subsystem of AMT. The flaws could potentially enable an unauthenticated user to gain elevated privileges via network access.