Intel Active Management Technology Escalation of Privilege

An attack can exploit this vulnerability on NI controllers with affected AMT firmware in two ways:

• Local: If you have not enabled AMT on a controller, an unprivileged attacker with physical access can enable AMT to gain system-level privileges that can be accessed remotely as well as locally.
• Remote: If you have enabled AMT on a controller, an unprivileged attacker with network access can gain system-level privileges.

Intel has observed the vulnerability in AMT firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, and 11.5.

Apply the recommended patches above to mitigate the vulnerability for the corresponding controller. If you chose not to apply the mitigation patch, you can reduce the security risk on controllers with vulnerable firmware by applying the two mitigations described below. Refer to the INTEL-SA-00075 Mitigation Guide for the commands to perform the following steps.

1. If you have provisioned AMT on a controller, unprovision AMT to reduce the likelihood of remote exploitation.
2. If you have enabled the Local Manageability Service (LMS), disable LMS to reduce the likelihood of local exploitation.

• Local: CVSSv3 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
• Remote: CVSSv3 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

• CVE-2017-5689
• INTEL-SA-00075 
• INTEL-SA-00075 Detection and Mitigation Tool