Intel Active Management Technology Privilege Escalation Vulnerability

On May 1st, 2017, Intel released a security advisory titled Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege, also known as INTEL-SA-00075. The advisory details a vulnerability in the Intel Active Management (AMT), Intel Small Business (ISB), and Intel Standard Manageability (ISM) firmware modules included with some Intel-based platforms.

The Cisco PSIRT Team has investigated the impact of this vulnerability on Cisco products and determined that no Cisco products are affected.

Additional Information
Additional information about the vulnerability can be found at the following links:

Intel Security Advisory: Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege [“https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr”]
Cisco Multivendor Security Alert: Intel Active Management Technology Privilege Escalation Vulnerability [“https://sec.cloudapps.cisco.com/security/center/viewAlert.x?alertId=53677”]
US-CERT Vulnerability Note: VU#491375 [“http://www.kb.cert.org/vuls/id/491375”]

Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco is available on the Cisco worldwide website at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html [“https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html”]. This includes instructions for press inquiries regarding Cisco security advisories. All Cisco security advisories are available at http://www.cisco.com/go/psirt [“http://www.cisco.com/go/psirt”].