SB2018073107 - Multiple vulnerabilities in Intel Active Management Technology

Security Bulletin ID SB2018073107

Severity

High

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2018-3628)

The vulnerability allows a remote attacker on the local network to gain elevated privileges on the target system.

The vulnerability exists due to buffer overflow in the HTTP handler when handling malicious input. A remote attacker can send specially crafted data, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Buffer overflow (CVE-ID: CVE-2018-3629)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to buffer overflow in the event handler when handling malicious input. A remote attacker can send specially crafted data, trigger memory corruption and cause the service to crash.

3) Memory corruption (CVE-ID: CVE-2018-3632)

The vulnerability allows a local administrative attacker to gain elevated privileges on the target system.

The vulnerability exists due to boundary error. A local attacker can trigger memory corruption and gain elevated privileges to conduct further attacks.

Remediation

Install update from vendor's website.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html