Intel patches new ME vulnerabilities
http://blog.ptsecurity.com/2018/07/intel-patches-new-me-vulnerabilities.html [blog.ptsecurity.com]
2018-07-22 17:11
CVE-2018-3627, the vulnerability at issue in advisory SA-00118, is described as a logic bug (not a buffer overflow) that may allow execution of arbitrary code. Ease of exploitation makes this vulnerability more dangerous than the one in SA-00086, which was locally exploitable only in case of OEM configuration errors; instead, an attacker simply needs local access.
Things are even worse with CVE-2018-3628, which is described in advisory SA-00112. This vulnerability enables full-blown remote code execution in the AMT process of the Management Engine. Moreover, all signs indicate that—unlike CVE-2017-5712 in advisory SA-00086—attackers do not need an AMT administrator account.
source: L