Insufficiently protected credentials in Intel AMT SDK, SCS and MEBx

1) Insufficiently protected credentials

EUVDB-ID: #VU60479

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33107

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to insufficiently protected credentials in USB provisioning. An attacker with physical access can obtain credentials and gain elevated privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Active Management Technology SDK: before 16.0.3

Intel Setup and Configuration Software (SCS): before 12.2

Intel Management Engine BIOS eXtensions (MEBx): before 15.0.0.0004

Intel 500 series chipset: before 15.0.0.0004

Intel 400 Series Chipset: before 15.0.0.0004

8th Generation Intel Core Processors: before 12.0.0.0011

Pentium Gold processor series (G54XXU): before 12.0.0.0011

Intel Celeron Processor 4000 Series: before 12.0.0.0011

Intel 300 Series Chipset: before 12.0.0.0011

Intel C240 Series Chipset: before 12.0.0.0011

Intel 200 Series Chipset: before 11.0.0.0012

Intel 100 Series Chipset: before 11.0.0.0012

Intel C230 series chipset: before 11.0.0.0012

Intel C420 Chipset: before 11.0.0.0012

Intel C620 Series Chipset: before 11.0.0.0012

External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00575.html

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.