Computer security researchers discovered a major vulnerability in Intel Active Management Technology that allows hackers to escalate privileges. This is a feature used for remote control access to machines. The issue has recently been patched by Intel and is tracked in the CVE-2020-8758 advisory.
Intel Patched Active Management Technology Which Allowed For Privilege Escalation
A recently discovered security flaw in the Active Management Technology used in computers equipped with recent Intel CPUs has been patched. On unpatched systems it allowed remote hackers to take control of the target computers. According to the available information, the hackers needed to be on the same network as the machine in order to send the required commands.
The issue is tracked in the CVE-2020-8758 advisory with a very high rating, which ranks the problem as critical on its severity scale. So far there are no reported cases of abuse by criminals. However, Intel has only recently provided detection guidelines to security vendors and partners, meaning that scanning for the issue has only recently become possible.
The root cause of the problem is a flaw in the controlling mechanism of this feature, which allowed for privilege escalation. The feature is part of Intel's vPro platform, widely used by enterprise and company networks for remote control. One of the important factors highlighted by Intel is that the target systems are not easy to exploit. In order for any user to gain access to the Intel Active Management system, the system must undergo a provisioning process: a connection from a target computer to a remote host that is configured to work with it. If this setup is in place, an unauthenticated user could be a hacker who abuses the system, potentially leading to privilege escalation.
The discovered flaw provides a new way of accessing systems of interest via this hacking method. Since Intel has released updates and definitions to its partners and security vendors, we recommend applying the latest security patches to your operating system and user-installed applications.