AMT
From Leo's Notes
This page was last edited on 15 June 2020, at 00:49.
Vulnerability
A vulnerability allows an attacker to access the AMT web interface with no credentials required due to an issue with how the HTTP digest authentication is compared.
AMT versions that ends with a version number less than 3000 are vulnerable.
Some Dell systems have already been patched (ie. Optiplex 9010). Refer to http://en.community.dell.com/techcenter/extras/m/white_papers/20443914 for more info.
See Also
- https://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/
- https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/?comments=1&post=33283099