F-Secure Reveals Another Intel Security Flaw Involving AMT

/ 6 years ago

F-Secure Reveals Another Intel Security Flaw

While Intel is feeling the brunt of criticisms for the Meltdown and Spectre security flaws revealed recently, their problems are not over yet. Security researchers from F-Secure has discovered another flaw. This time involving Intel’s Active Management Technology (AMT) allowing attackers “access to the backdoor in less than 30 seconds”. The issue even allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation.

Intel AMT Problem

Intel’s AMT is a solution for remote access monitoring and maintenance of corporate-grade personal computers. The original intention is for allowing IT departments or managers to better control their device fleets. The technology is commonly found in corporate laptops. It has even been called out for security weaknesses in the past. However, the pure simplicity of exploiting this particular issue sets it apart from previous instances. Attackers can take advantage of the exploit in mere seconds without a single line of code.

To exploit this, all an attacker needs to do is reboot the target machine and press CTRL-P during bootup. The attacker may then log into Intel Management Engine BIOS Extension (MEBx) using the default password, “admin,” as this default on most corporate laptops. After which, the attacker may change the password to their preference, enable remote access and set AMT’s user opt-in to “None.”

The attacker now gains remote access to the system from both wireless and wired networks. As long as they’re able to insert themselves onto the same network segment with the victim. F-Secure has even released a video on YouTube explaining the issue:

Intel’s Response

Intel has sent the following response via Ars Technica about the issue:

We appreciate the security research community calling attention to the fact that some system manufacturers have not configured their systems to protect Intel Management Engine BIOS Extension (MEBx). (Intel) issued guidance on best configuration practices in 2015 and updated it in November 2017. We strongly urge OEMs to configure their systems to maximize security. Intel has no higher priority than our customers’ security. And we will continue to regularly update our guidance to system manufacturers to make sure they have the best information on how to secure their data.

Topics: , , , ,

Support eTeknix.com

By supporting eTeknix, you help us grow and continue to bring you the latest newsreviews, and competitions. Follow us on FacebookTwitter and Instagram to keep up with the latest technology news, reviews and more. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

Looking for more exciting features on the latest technology? Check out our What We Know So Far section or our Fun Reads for some interesting original features.

eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram
  • Be Social With eTeknix

    Facebook Twitter YouTube Instagram Reddit RSS Discord Patreon TikTok Twitch
  • Features

Send this to a friend