Intel has just patched a vulnerability which has been open and exploitable in all its enterprise targeted Core processors – for the last nine years. Since 2008 Intel’s business-focussed PC processors have shipped with Active Management Technology (AMT), Intel Standard Manageability (ISM) and Small Business Technology (SBT) features – all useful features for remote management. However, these powerful features could be accessed by anyone with a copy of Metasploit on the same network, or from anywhere in the world if port 16992 was left accessible.
A firmware patch has been released by Intel, said to be capable of filling in the security holes left open by its enterprise remote management features. The ‘critical escalation of privilege’ vulnerability was present in firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 and allowed “an unprivileged attacker to gain control of the manageability features provided by these products”. Intel emphasises that the remote access vulnerability does not exist on Intel-based consumer PCs.