Intel tau kho ob qhov tseem ceeb (CVE-2020-0594, CVE-2020-0595) hauv kev siv Intel Active Management Technology (AMT) thiab Intel Standard Manageability (ISM), uas muab kev sib tshuam rau kev saib xyuas thiab tswj cov khoom siv. Cov teeb meem raug ntsuas nyob rau theem siab tshaj plaws (9.8 tawm ntawm 10 CVSS) vim tias qhov muaj qhov tsis zoo tso cai rau tus neeg siv lub network tsis muaj kev lees paub kom nkag mus rau cov chaw taws teeb tswj kev ua haujlwm los ntawm kev xa cov pob ntawv tshwj xeeb IPv6. Qhov teeb meem tsuas yog tshwm sim thaum AMT txhawb IPv6 nkag, uas yog neeg xiam oob qhab los ntawm lub neej ntawd. Cov vulnerabilities tau kho nyob rau hauv firmware hloov tshiab 11.8.77, 11.12.77, 11.22.77 thiab 12.0.64.
Cia peb nco qab tias Intel cov chipsets niaj hnub no tau nruab nrog lub tshuab tswj hwm cais microprocessor uas ua haujlwm ntawm nws tus kheej ntawm CPU thiab kev ua haujlwm. Lub Tuam Txhab Tswjhwm ua cov haujlwm uas yuav tsum tau muab cais tawm ntawm OS, xws li kev ua cov ntsiab lus tiv thaiv (DRM), kev siv TPM (Trusted Platform Module) modules thiab qis-theem interfaces rau kev saib xyuas thiab tswj cov khoom siv. AMT interface tso cai rau koj nkag mus rau kev tswj hwm lub zog, kev saib xyuas kev tsheb khiav, hloov BIOS nqis, hloov kho firmware, so disks, remotely booting ib tug tshiab OS (emulating ib tug USB tsav uas koj yuav khau raj), console redirection (Serial Over LAN thiab KVM dhau. network) thiab lwm yam. Cov interfaces muab tau txaus los ua kom muaj kev tawm tsam uas siv thaum muaj kev nkag mus rau lub cev, piv txwv li, koj tuaj yeem thauj khoom Live system thiab hloov pauv los ntawm nws mus rau lub ntsiab system.
Tau qhov twg los: opennet.ru