Intel AMT® Upgradable to Vulnerable Firmware
Intel ID: INTEL-SA-00082
Product family: Intel AMT®
Impact of vulnerability: Elevation of Privilege
Severity rating: Moderate
Original release: Sep 05, 2017
Last revised: Sep 05, 2017
Intel® Active Management Technology, Intel® Standard Manageability, and Intel® Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 can be upgraded to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.This version of firmware can potentially impact Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM) or Intel® Small Business Technology (SBT). Consumer PCs with consumer firmware and data center servers using Intel® Server Platform Services are not affected by this vulnerability. Intel recommends that users contact their system manufacturers for updated firmware which mitigates this issue. This issue was discovered during Intel internal validation.[…]
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00082&languageid=en-fr
Firmware Security 