This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.
cfebcadf4361db526ce74bd43cf6067fdd66062b8ff3d28335972d33dcde2b8dHPE Security Bulletin HPESBHF03754 1 - A potential security vulnerability has been identified in HPE ML10 Gen 9 Server using Intel Xeon E3-1200 v5 Processor. The vulnerability could be remotely exploited to allow access restriction bypass. **Note:** On May 1st, 2017, Intel disclosed a new vulnerability with their Intel Manageability Firmware which is utilized on some systems containing Intel processors. This vulnerability allows an unprivileged network or local attacker to gain control of the remote manageability features of Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) platforms. Do not attempt to upgrade the ME FW without following the instructions detailed in the Resolution section. Refer to the "Platform Specific Information" section in the Resolution for more specific information on upgrades for specific ProLiant servers. Revision 1 of this advisory.
4d31e00a83f7af60acef62cbc14ea5e7015d46ee67c0435ccd3ad9f6141664b0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed