Intel waxay dejisay laba muhiim ah (CVE-2020-0594, CVE-2020-0595) ee hirgelinta Intel Active Management Technology (AMT) iyo Intel Standard Manageability (ISM), kuwaas oo bixiya is-dhexgalka iyo maaraynta qalabka. Arrimaha waxaa lagu qiimeeyay heerka ugu sarreeya ee darnaanta (9.8 ee 10 CVSS) sababtoo ah baylahdu waxay u oggolaanaysaa weeraryahan shabakad aan la xaqiijin inuu galo hawlaha maareynta qalabka fog isagoo soo diraya xirmooyinka IPV6 ee si gaar ah loo farsameeyay. Dhibaatadu waxay soo baxdaa kaliya marka AMT ay taageerto gelitaanka IPV6, kaas oo naafo ah. Nuglaanta waxaa lagu hagaajiyay cusboonaysiinta firmware 11.8.77, 11.12.77, 11.22.77 iyo 12.0.64.
Aan dib u xasuusanno in Chipset-yada casriga ah ee Intel ay ku rakiban yihiin Microprocessor Engine Engine gaar ah oo u shaqeeya si ka madaxbanaan CPU iyo nidaamka hawlgalka. Mashiinka Maareynta wuxuu fuliyaa hawlaha u baahan in laga saaro OS, sida habaynta maadooyinka la ilaaliyo (DRM), hirgelinta TPM (Trusted Platform Module) modules iyo is-dhexgal heer hoose ah oo loogu talagalay kormeerka iyo maareynta qalabka. Interface-ka AMT wuxuu kuu ogolaanayaa inaad gasho hawlaha maaraynta awooda, la socodka taraafikada, bedelida goobaha BIOS, cusboonaysiinta firmware-ka, tirtirida saxanka, fogaynta OS cusub (ku dayashada darawal USB ah oo aad ka bootin karto), wareejinta konsole (Serial Over LAN iyo KVM over). shabakada) iyo iwm. Interface-yada la bixiyay ayaa ku filan in lagu fuliyo weerarrada loo isticmaalo marka ay jirto helitaanka jireed ee nidaamka, tusaale ahaan, waxaad ku shuban kartaa nidaam Live ah oo aad ka bedeli kartaa nidaamka ugu muhiimsan.
Source: opennet.ru