Monday, January 25, 19:57
Home security Intel fixes critical vulnerabilities in corporate platforms

Intel fixes critical vulnerabilities in corporate platforms

vulnerability

Η Intel released yesterday on updates Platform Update for September 2020, which correct nine issues security. One of these issues is one Critical vulnerability affecting Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms.

The Intel ATM is part of it Intel vPro, and is mainly used by IT Ops teams for remote corporate network retrieval, correction and management /systems.

These issues were discussed in five notifications published by Intel on Product Security Center which included tips for safety.

Intel provides lists of vulnerabilities products, tips and contact information at the end of each notification. Contact details are given so that users be able to report other issues security which may affect the products or technology of Intel.

Intel

Vulnerability on Active Management Technology (AMT)

The vulnerability in AMT is defined as CVE-2020-8758 and has been rated by Intel as critical security issue (CVSS rating: 9,8). Vulnerability can allow the attacker to gradually gain more privileges in vulnerable systems in order to gain access in places you normally should not.

The vulnerability is due to inappropriate restrictions on temporary storage data in the network subsystem and could allow unauthorized users to “eventually acquire more rights throughout the corporate network".

All Intel AMT and Intel ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 are vulnerable into a attacks who can take advantage of vulnerability CVE-2020-8758. Fortunately, the vulnerability does not appear to have been exploited by cybercriminals at this time.

In June, Intel fixed two other critical vulnerabilities in AMT (CVE-2020-0594 and CVE-2020-0595), with a CVSS score of 9,8.

Intel Platform Update September 2020

The current Intel security updates are listed in the table below, with information on the severity of the vulnerabilities so that users which updates should be given priority.

AdvisoryAdvisory IDSeverity ratingCVSS Range
Intel AMT and Intel ISM AdvisoryINTEL-SA-00404CRITICAL7.8-9.8
Intel Driver & Support Assistant AdvisoryINTEL-SA-00405MEDIUM4.4
Intel BIOS AdvisoryINTEL-SA-00356MEDIUM2.0-5.1
Intel BIOS AdvisoryINTEL-SA-00347HIGH5.5-7.6

Intel recommends that users check the download links provided in the notifications or contact their system manufacturers and operating system vendors to find out how they can receive these updates.

Intel has not found any evidence that the above vulnerabilities have been exploited by hackers. However, it advises users install new security updates as soon as possible to prevent possible future ones attacks.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...

SpaceX launched 143 satellites simultaneously

SpaceX broke every record with its last spacecraft mission into orbit. The company successfully launched the Transporter-1 mission ...

Sony may resurrect the Xperia Compact to compete with Apple

Have you seen the iPhone 12 mini and wish there was an Android equivalent to this small but powerful smartphone? Can the desire ...

Artificial intelligence (AI) may one day be used against us

AI algorithms offer us the news we read, the ads we see, and in some cases even drive cars ...