Intel’s AMT Vulnerability Could Cripple Systems Worldwide

157

What if a hacker could gain access to your PC without even needing a password? Well, your processor might be to blame. A vulnerability in the firmware of Intel based chips has been discovered that would allow hackers to remotely gain access to your Windows PC without even needing a password. That’s not all though. The vulnerability has been in existence for almost a decade without anyone knowing about it.

Intel
Image Credits: Digital Trends

According to Intel, who rated it as “critical”, the bug lies in a feature of Intel’s Active Management Technology or AMT. If you’re an IT Administrator, you would have probably come across the term a few times and you may be even using it as you read this article. AMT essentially allows IT administrators to carry out maintenance, repairs and upgrades to systems remotely on entire fleets of systems. This includes functionality such as software updates and even wiping hard drives. In addition, AMT also allows the administrator to remotely control the computer’s input devices such as keyboard and mouse, even when the PC is powered off.

Managing systems of vast number is a daunting task. So AMT was made available via a web browser. All the IT administrator had to do was set a password and then he/she could access systems when they’re switched off. This is where the problem arose. Because of the bug, hackers could enter a blank password and still access the web console.

Intel AMT
Image Credits: YouTube

According to Embedi researchers, who were responsible for finding the bug, a flaw in the way that the default admin account handled the account for the web interface password would essentially allow anyone to log in by just entering nothing at the log-in screen. In case you were wondering, Intel systems that date back as 2010 and 2011 and running firmware 6.0 and later are all affected by the flaw. That is a significant number of systems that are vulnerable to attack. Furthermore, any Internet accessible device with open ports 16992 and 16993 are at risk as they are the only ports needed for a successful hack.

According to Shodan, which is a search engine used for finding open ports and databases, there are more than 8,500 systems that are vulnerable to this bug with around 300 of them being in the US alone. This number could be greater if you take into account systems on internal networks.

Intel issued a statement where they said that they are working with their hardware partners to find a solution to the problem and indeed they have completed its patch. A validated firmware update has been released to OEMs, and Intel is cooperating with them to make it available to customer. Thus far, companies such as Dell, Fujitsu, HP, and Lenovo have all said that they would roll out a solution to their customers.

Are you Affected by Intel’s AMT Vulnerability?

Well, for starters, Intel has released a tool that would determine if your system is infected or not. Also, on a hardware level, AMT is only available in desktops, servers, ultrabooks, tablets, and laptops with Intel Core vPro processor family. These include the Intel Core i3, i5, i7, and Intel Xeon processor E3-1200 product family. However, Consumer devices such as smartphones powered by Intel Atom processors are not affected by the bug.

Have you checked your PC to see if you’re affected? Leave a comment in the section below.

LEAVE A REPLY

Please enter your comment!
Please enter your name here