This Metasploit module scans for Intel Active Management Technology endpoints and attempts to bypass authentication using a blank HTTP digest (CVE-2017-5689). This service can be found on ports 16992, 16993 (tls), 623, and 624 (tls).
44deb16ec4e916e220f9f8b37748314f598bae3f65a5268506e4e9c1f53d9a36This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.
cfebcadf4361db526ce74bd43cf6067fdd66062b8ff3d28335972d33dcde2b8dHPE Security Bulletin HPESBHF03754 1 - A potential security vulnerability has been identified in HPE ML10 Gen 9 Server using Intel Xeon E3-1200 v5 Processor. The vulnerability could be remotely exploited to allow access restriction bypass. **Note:** On May 1st, 2017, Intel disclosed a new vulnerability with their Intel Manageability Firmware which is utilized on some systems containing Intel processors. This vulnerability allows an unprivileged network or local attacker to gain control of the remote manageability features of Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) platforms. Do not attempt to upgrade the ME FW without following the instructions detailed in the Resolution section. Refer to the "Platform Specific Information" section in the Resolution for more specific information on upgrades for specific ProLiant servers. Revision 1 of this advisory.
4d31e00a83f7af60acef62cbc14ea5e7015d46ee67c0435ccd3ad9f6141664b0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed