#STBY – Intel Management Engine (Intel AMT) exploit in the wild CVE-2017-5689

Intel recently screwed us all with the Atom C2000 processors taking a massive crash and burn on end users, leading to all sorts of embedded devices turning into giant paperweights.   This week, Intel blessed us with an exploit in the wild hitting their Advanced Management Technology (AMT).

AMT is their ability to remotely configure and control desktop and server systems via web service calls.  Firewall off where ever possible ports 16992 and 16993, though if someone get’s inside, it’s a free for all.  A Pseudo-Patch has been created.  Apply it today!



Tenable made a really good blog post about how to add a scan for this in Nessus.  https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability

If you bought into Intel vPro, or any enterprise level feature on Intel tech, it #SucksToBeYou!


Be Sociable, Share!
Comments are closed.