Tag: INTEL-SA-00056

Update on Intel SMM vulnerability

~ hucktech ~ Leave a comment

Intel SMM EoP mitigations due Sep-19

More on this:

Multiple Intel systems have SMM runtime EoP

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00056&languageid=en-fr

Intel has a security advisory about SMM Elevation of Privilege vulnerability on multiple Intel product. It appears they have an estimated release for this: “Estimated Sept. 19th”

Severity rating: Important

Intel is releasing mitigations for a privilege escalation issue. This issue affects the UEFI BIOS of select Intel Products. The issue identified is a method that enables malicious code to gain access to System Management Mode (SMM). A malicious attacker with local administrative access can leverage the vulnerable function to gain access to System Management Mode (SMM) and take full control of the platform. Intel products that are listed below should apply the update. Other vendors’ products which use the common BIOS function SmmRuntime may be impacted.  To find out whether a product you have may be vulnerable to this issue, please contact your system supplier. Intel highly recommends applying the mitigations. For Intel branded products where a mitigation is still pending, we recommend following good security practices including running with least privilege and keeping security software and operating systems up to date.

The advisory also shows how to use dmidcode on Linux to get the vendor ID:

dmidecode -t 0 | grep Version | awk -F : ‘{ print $2 }’ | sed s/\ //g
dmidecode -t 2 | grep Product | awk -F : ‘{ print $2 }’ | sed s/\ //g

More info:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00056&languageid=en-fr

Multiple Intel systems have SMM runtime EoP

~ hucktech ~ Leave a comment

See the full announcement for the list of vulnerable products. Regardless of model, it sounds like no fix until early September.

SmmRuntime Escalation of Privilege
Intel ID:      INTEL-SA-00056
Product family:      Intel® Server Board S1200/1400/1600/2400/2600/4600 series
Impact of vulnerability:      Elevation of Privilege
Severity rating:      Important
Original release:      Aug 08, 2016

Intel is releasing mitigations for a privilege escalation issue. This issue affects the UEFI BIOS of select Intel Products. The issue identified is a method that enables malicious code to gain access to System Management Mode (SMM). A malicious attacker with local administrative access can leverage the vulnerable function to gain access to System Management Mode (SMM) and take full control of the platform. Intel products that are listed below should apply the update. Other vendors’ products which use the common BIOS function SmmRuntime may be impacted.  To find out whether a product you have may be vulnerable to this issue, please contact your system supplier. Intel highly recommends applying the mitigations. For Intel branded products where a mitigation is still pending, we recommend following good security practices including running with least privilege and keeping security software and operating systems up to date. […]

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00056&languageid=en-fr