Windows 10: Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory

Brink · May 17, 2019

Intel ID: INTEL-SA-00213 Advisory Category: Firmware, Software Impact of vulnerability: Escalation of Privilege, Denial of Service, Information Disclosure Severity rating: HIGH Original release: 05/14/2019 Last revised: 05/14/2019
Summary:

Multiple potential security vulnerabilities in Intel® Converged Security & Management Engine (Intel® CSME), Intel® Server Platform Services (Intel® SPS), Intel® Trusted Execution Engine Interface (Intel® TXE), Intel® Dynamic Application Loader (Intel® DAL), and Intel® Active Management Technology (Intel® AMT) may allow escalation of privilege, information disclosure, and/or denial of service. Intel is releasing Intel® CSME, Intel® SPS, Intel® TXE, and Intel® AMT updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2019-0089
Description: Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 8.1 High
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H

CVEID: CVE-2019-0090
Description: Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 7.1 High
CVSS Vector: CVSS:3.0/AV/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2019-0086
Description: Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 7.8 High
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2019-0091
Description: Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.6 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

CVEID: CVE-2019-0092
Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 6.8 Medium
CVSS Vector: CVSS:3.0/AV/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2019-0093
Description: Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access.
CVSS Base Score: 2.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CVEID: CVE-2019-0094
Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access.
CVSS Base Score: 4.3 Medium
CVSS Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVEID: CVE-2019-0096
Description: Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

CVEID: CVE-2019-0097
Description: Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access.
CVSS Base Score: 4.9 Medium
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2019-0098
Description: Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 5.7 Medium
CVSS Vector: CVSS:3.0/AV/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVEID: CVE-2019-0099
Description: Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS Base Score: 5.7 Medium
CVSS Vector: CVSS:3.0/AV/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVEID: CVE-2019-0153
Description: Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVSS Base Score: 9.0 Critical
CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2019-0170
Description: Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

Intel® CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35

Intel® CSME, Intel® Active Management Technology, and Intel® DAL Updated Intel® CSME Firmware Version Replaces Intel® CSME Firmware Version 11.8.65 11.0 thru 11.8.60 11.11.65 11.10 thru 11.11.60 11.22.65 11.20 thru 11.22.60 12.0.35 12.0 thru 12.0.20
Intel® Server Platform Services before versions
SPS_E3_05.00.04.027.0

Intel® Server Platform Services Updated Intel® Server Platform Services Firmware Version Replaces Intel® Server Platform Services Firmware Version SPS_E3_05.00.04.027.0 SPS_E3_05.00.00.000.0 thru SPS_E3_05.00.04.023.0
Intel® Trusted Execution Engine before TXE 3.1.65, 4.0.15

Intel® Trusted Execution Engine Updated Intel® Trusted Execution Engine Firmware Version Replaces Intel® Trusted Execution Engine Firmware Version 3.1.65 3.0 thru 3.1.50 4.0.15 4.0 thru 4.0.5
Note: Firmware versions of Intel® ME 3.x thru 10.x, Intel® TXE 1.x thru 2.x and Intel® Server Platform Services 1.x thru 2.X are no longer supported, thus were not assessed for the vulnerabilities/CVEs listed in this Technical Advisory. There is no new release planned for these versions.

Recommendations:

Intel recommends that users of Intel® CSME, Intel® SPS, Intel® TXE, Intel® DAL, and Intel® AMT update to the latest version provided by the system manufacturer that addresses these issues.

Acknowledgements:

Intel would like to thank Lasse Trolle Borup of Langkjaer Cyber Defence (CVE-2019-0086) for reporting this issue. CVE-2019-0090 was found externally by an Intel partner.

The additional issues were found internally by Intel employees. Intel would like to thank Alex Gutkin, Arie Haenel, Michael Henry, Moshe Wagner, Tikvah Katz, Yaakov Cohen and Yair Netzer.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Revision History

Revision Date Description 1.0 05/14/2019 Initial Release
Click to expand...

Source: https://www.intel.com/content/www/us...-sa-00213.html

:)

RAJU.MSC.MATHEMATICS · May 17, 2019

UPDATE INTEL ME FIRMWARE FOR CONVERGED SECURITY & MANAGEMENT ENGINE ISSUES IN INTEL PROCESSORS -SA-00125

Kaspersky Password Manager

Create a strong password for your account

Intel was notified of an issue with the Intel® Converged Security and Management Engine (Intel® CSME) firmware. An attacker with physical access could do the following on an individual platform:

Bypass Intel® CSME anti-replay protection, thus allowing potential brute force attacks on secrets stored inside the Intel CSME;

Gain unauthorized access to the Intel® Management Engine BIOS Extension (Intel® MEBX) password;

Tamper with the integrity of the Intel® CSME file system directories or the Server Platform Services and Trusted Execution Environment (Intel® TXE) data files.

ffected products/technologies

The issue has been identified as a vulnerability in the Intel® CSME firmware versions: 11.0 through 11.8.50; 11.10 through 11.11.50; 11.20 through 11.21.51, Intel® Server Platform Services firmware version
4.0 (on Purley and Bakerville only) and Intel® TXE version 3.0 through 3.1.50.

Systems using Intel® CSME firmware versions prior to 11.0/ Intel® Server Platform Services 4.0/TXE 3.0 or using firmware versions 11.8.55/11.11.55/11.21.55/ Intel® Server Platform Services 5.0 and higher/TXE
3.1.55 or higher don't contain the identified vulnerability.

[table][tr][td]Intel® Converged Security and Management Engine (Intel® CSME)[/td][/tr][tr][td]Updated Intel® CSME Firmware version[/td][td]Replaces Intel® CSME Firmware version[/td][/tr][tr][td]11.8.55.3510[/td][td]11.8.50.3399[/td][/tr][tr][td]11.11.55.1509[/td][td]11.11.50.1402[/td][/tr][tr][td]11.21.55.1508[/td][td]11.21.50.1400[/td][/tr][tr][td]Intel® Server Platform Services[/td][/tr][tr][td]Updated SPS Firmware version[/td][td]Replaces SPS Firmware version[/td][/tr][tr][td]SPS_SoC-A_04.00.04.177.0[/td][td]SPS_SoC-A_04.00.04.172.0[/td][/tr][tr][td]SPS_SoC-X_04.00.04.077.0[/td][td]SPS_SoC-X_04.00.04.057.0[/td][/tr][tr][td]SPS_E5_04.00.04.381.0[/td][td]SPS_E5_04.00.04.340.0[/td][/tr][tr][td]Intel® Trusted Execution Engine (TXE)[/td][/tr][tr][td]Updated TXE Firmware version[/td][td]Replaces TXE Firmware version[/td][/tr][tr][td]3.1.55[/td][td]3.1.50.2222[/td][/tr][/table]

Contact your system or motherboard manufacturer to obtain an Intel CSME firmware update or BIOS update that addresses this vulnerability. Intel can't provide updates for systems or motherboards from other manufacturers.

The Intel SA-00125 Detection tool is available in UTILITY to assist customers
in determining if systems are vulnerable to this issue.

I have ready updated to much higher version than expected n my asus vivobook 15 r542uq-dm153

i have 11.8.59.3560

Thanks for reading my post , give me helpful votes if you find it.

Brink · May 17, 2019

Intel Platform Trust Technology (PTT) Update Advisory

[table][tr]Intel ID: INTEL-SA-00142 [/tr] [tr][td]Advisory Category:[/td] [td]Firmware[/td] [/tr] [tr][td]Impact of vulnerability:[/td] [td]Information Disclosure[/td] [/tr] [tr][td]Severity rating:[/td] [td]MEDIUM[/td] [/tr] [tr][td]Original release:[/td] [td]09/11/2018[/td] [/tr] [tr][td]Last revised:[/td] [td]09/11/2018[/td] [/tr] [/table]

Summary:

A potential vulnerability in the Intel® PTT module in Intel® CSME firmware and Intel® TXE firmware may allow information disclosure. Intel is releasing Intel® CSME firmware and Intel® TXE firmware updates to mitigate this potential vulnerability.

Vulnerability Details

CVEID: CVE-2018-3659

Description: A vulnerability in Intel® PTT module in Intel® CSME firmware before version 12.0.5 and Intel® TXE firmware before version 4.0 may allow an unauthenticated user to potentially disclose information via physical access.

CVSS Base Score: 6.8 Medium

CVSS Vector: CVSS:3.0/AV/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

[table][tr][td]Intel® CSME:[/td] [/tr] [tr][td]Updated Intel® CSME Firmware version[/td] [td]Replaces Intel® CSME Firmware version[/td] [/tr] [tr][td]12.0.6[/td] [td]12.0 through 12.0.5[/td] [/tr] [/table]

[table][tr][td]Intel® Trusted Execution Engine (TXE)[/td] [/tr] [tr][td]Updated TXE Firmware version[/td] [td]Replaces TXE Firmware version[/td] [/tr] [tr][td]3.1.55[/td] [td]3.0 through 3.1.50[/td] [/tr] [tr][td]4.0.5[/td] [td]4.0.0[/td] [/tr] [/table]

Recommendations:

Intel recommends that users of Intel® CSME and Intel® Trusted Execution Engine (TXE) update to the latest version provided by the system manufacturer that addresses these issues.

Acknowledgements:

This issue was found internally by Intel.

Revision History

[table][tr]Revision Date Description [/tr] [tr][td]1.0[/td] [td]09/11/2018[/td] [td]Initial Release[/td] [/tr] [/table]
Click to expand...

Source: INTEL-SA-00142

xips · May 17, 2019

Flaws found in Intel Management Engine (ME), TXE and SPS

Yep! My Lenovo Intel Lappy is a 14" Flex 4-1470 and isn't even mentioned in Lenovo's list of affected computers. The first one listed is the Flex 5-1470, and nope, that wasn't a typo on their part.

So, I'm not sure what I should do.
Click to expand...

See Lenovo's Intel ME 11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update list.

Windows 10: Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory

Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory

Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory

Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory

Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory - Similar Threads - Intel CSME SPS

Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory - July 1

Intel Product Security Center Advisories for November 12, 2019

Intel Accelerated Storage Manager in Intel RSTe Advisory

Intel CSME, SPS, TXE, DAL, and Intel AMT 2019.1 QSR Advisory - May 14

Intel Graphics Driver for Windows 2019.1 QSR Advisory

Intel AMT Prompt

Intel Integrated Performance Primitives (Intel IPP) Advisory

Intel AMT Vulnerability and Surface Devices

Flaws found in Intel Management Engine (ME), TXE and SPS