Intel ya gyara mahimmanci guda biyu (CVE-2020-0594, CVE-2020-0595) a cikin aiwatar da Intel Active Management Technology (AMT) da Intel Standard Manageability (ISM), waɗanda ke ba da musaya don saka idanu da sarrafa kayan aiki. Abubuwan da aka ƙididdige su a mafi girman matakin tsanani (9.8 cikin 10 CVSS) saboda raunin da ya faru yana ba da damar maharin cibiyar sadarwa mara inganci don samun damar yin amfani da ayyukan sarrafa kayan masarufi ta hanyar aika fakiti na musamman na IPv6. Matsalar tana bayyana ne kawai lokacin da AMT ke goyan bayan samun damar IPV6, wanda aka kashe ta tsohuwa. An daidaita raunin a cikin sabunta firmware 11.8.77, 11.12.77, 11.22.77 da 12.0.64.
Bari mu tuna cewa kwakwalwan kwamfuta na Intel na zamani suna sanye da wani microprocessor Injin Gudanarwa daban wanda ke aiki ba tare da CPU da tsarin aiki ba. Injin Gudanarwa yana aiwatar da ayyukan da ke buƙatar raba su da OS, kamar sarrafa abun ciki mai kariya (DRM), aiwatar da samfuran TPM (Trusted Platform Module) da ƙananan matakan musanyawa don saka idanu da sarrafa kayan aiki. Ƙwararren AMT yana ba ku damar samun damar ayyukan sarrafa wutar lantarki, saka idanu kan zirga-zirga, canza saitunan BIOS, sabunta firmware, goge diski, yin booting sabon OS (koyi da kebul na USB wanda zaku iya taya), jujjuyawar wasan bidiyo (Serial Over LAN da KVM over). network) da sauransu. Hanyoyin da aka bayar sun isa don kai hare-haren da ake amfani da su lokacin da akwai damar jiki zuwa tsarin, alal misali, za ku iya loda tsarin Live kuma kuyi canje-canje daga shi zuwa babban tsarin.
source: budenet.ru