Multiple potential security vulnerabilities in Intel® Active Management Technology (AMT) in Intel® CSME firmware may allow arbitrary code execution, a partial denial of service or information disclosure. Intel is releasing Intel® CSME firmware updates to mitigate these potential vulnerabilities.****
CVEID:** **CVE-2018-3657
Description: Multiple buffer overflows in Intel® AMT in Intel® CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel® AMT execution privilege via local access.
CVSS Base Score:** **6.7 Medium
CVSS Vector:** **CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVEID:** **CVE-2018-3658
Description: Multiple memory leaks in Intel® AMT in Intel® CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel® AMT provisioned to potentially cause a partial denial of service via network access.
CVSS Base Score:** **5.3 Medium
CVSS Vector:** CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L**
CVEID:** **CVE-2018-3616
Description: Bleichenbacher-style side channel vulnerability in TLS implementation in Intel® Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
CVSS Base Score:** **7.4 High
CVSS Vector:** **CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Intel® Management Engine (ME):
Updated ME Firmware version
|
Replaces ME Firmware version
Intel® CSME 11.8.55
|
11.0.x, 11.5.x, 11.6.x, 11.7.x, 11.8.x
Intel® CSME 11.11.55
|
11.10.x, 11.11.x
Intel® CSME 11.21.55
|
11.20.x, 11.21.x
Intel® ME 10.0.60
|
10.0.x
Intel® ME 9.5.65*
|
9.5.x
Intel® ME 9.1.45*
|
9.0.x, 9.1.x
Intel® CSME 12.0.6
|
12.0.3
*resolves CVE-2018-3616 only.
Intel recommends that users of Intel® CSME update to the latest version provided by the system manufacturer that addresses these issues.
Intel would like to thank Hanno Böck, Juraj Somorovsky (Hackmanit GmbH, RuhrUniversität Bochum) and Craig Young (Tripwire VERT) for reporting CVE-2018-3616 and working with us on coordinated disclosure.
CVE-2018-3657 and CVE-2018-3658 were found internally by Intel.