Intel Active Management Technology Escalation of Privilege

Overview

Intel disclosed a security vulnerability in the Intel® Active Management Technology (AMT) firmware that ships in several NI controllers. The vulnerability can allow an unprivileged attacker to gain control of the manageability features provided by this technology. NI strongly recommends taking the action specified below for controllers with affected firmware.

Contents

Impact on NI Products

An attack can exploit this vulnerability on NI controllers with affected AMT firmware in two ways:

  • Local: If you have not enabled AMT on a controller, an unprivileged attacker with physical access can enable AMT to gain system-level privileges that can be accessed remotely as well as locally.
  • Remote: If you have enabled AMT on a controller, an unprivileged attacker with network access can gain system-level privileges.

 

Affected Products

Intel has observed the vulnerability in AMT firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, and 11.5.

 

ControllerMinimum Version of Fixed FirmwareRecommendation
cRIO-90816.2.61.3535Apply Patch
cRIO-90826.2.61.3535Apply Patch
cDAQ-91386.2.61.3535Apply Patch
cDAQ-91396.2.61.3535Apply Patch
PXI-81096.2.61.3535Apply Patch
PXIe-81157.1.91.3272Apply Patch
PXI-81157.1.91.3272Apply Patch
PXI-81198.1.71.3608Apply Patch
PXIe-81336.2.61.3535Apply Patch
PXIe-81358.1.71.3608Apply Patch
PXIe-88219.1.41.3024Apply Patch
PXIe-8830mc9.1.41.3024Contact NI
PXIe-8840 Quad Core9.1.41.3024Apply Patch
PXIe-88409.1.41.3024Apply Patch
IC-317210.0.55.3000Apply Patch
IC-317310.0.55.3000Apply Patch

 

 

Mitigation

Apply the recommended patches above to mitigate the vulnerability for the corresponding controller. If you chose not to apply the mitigation patch, you can reduce the security risk on controllers with vulnerable firmware by applying the two mitigations described below. Refer to the INTEL-SA-00075 Mitigation Guide for the commands to perform the following steps.

  1. If you have provisioned AMT on a controller, unprovision AMT to reduce the likelihood of remote exploitation.
  2. If you have enabled the Local Manageability Service (LMS), disable LMS to reduce the likelihood of local exploitation.

 

CVSS Score

  • Local: CVSSv3 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
  • Remote: CVSSv3 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

 

Was this information helpful?

Yes

No