Intel sa_00086 vulnerability
Brian Robbins
New Member Posts: 4 ✭
Just learned of this new threat vector, ran intel's scan. This was output :
Manufacturer: AAEON
Model: UP-APL01
Processor Name: Intel(R) Pentium(R) CPU N4200 @ 1.10GHz
OS Version: Ubuntu 17.10 artful (4.13.0-17-generic)
*** Intel(R) ME Information ***
Engine: Intel(R) Trusted Execution Engine
Version: 3.0.13.1144
SVN: 0
*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Trusted Execution Engine firmware is considered vulnerable for INTEL-SA-00086.
Contact your system manufacturer for support and remediation of this system.
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
So I'm wondering what steps to take.
Edit two weeks later:
Hard to believe in this day and time that UP/AAEON won't even comment on this!?
Manufacturer: AAEON
Model: UP-APL01
Processor Name: Intel(R) Pentium(R) CPU N4200 @ 1.10GHz
OS Version: Ubuntu 17.10 artful (4.13.0-17-generic)
*** Intel(R) ME Information ***
Engine: Intel(R) Trusted Execution Engine
Version: 3.0.13.1144
SVN: 0
*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Trusted Execution Engine firmware is considered vulnerable for INTEL-SA-00086.
Contact your system manufacturer for support and remediation of this system.
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
So I'm wondering what steps to take.
Edit two weeks later:
Hard to believe in this day and time that UP/AAEON won't even comment on this!?
Comments
-
This probably isn't news, but I'm adding the standard UpBoard results in this thread as well.
INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved
Application Version: 1.0.0.128
Scan date: 2017-11-22 07:27:25 GMT
*** Host Computer Information ***
Name: delicode-4H4SF26701
Manufacturer: AAEON
Model: UP-CHT01
Processor Name: Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz
OS Version: ubilinux 4.0 dolcetto (4.9.45-ubilinux+)
*** Risk Assessment ***
Detection Error: This system may be vulnerable, please install the Intel(R) MEI/TXEI driver (available from your system manufacturer).
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-frDelicode Ltd - https://www.delicode.com/
-
Can someone at UP/AAEON comment? I've stopped using my Up boards til we get a fix.
-
I asked thiy Question one month ago.
https://up-community.org/forum/public-up2hw/2291-deactivation-of-intel-management-engine
This is a very critical Situation for all Vendors, seems they are waiting for Intel what to do.
Seems that even a disabled ME can be used to exploit a machine because AMT is needed for booting the CPU. -
Hello,
We are working on validation of BIOS3.0, which is going to fix this security problem.
Hopefully, we can release by early next week.
BR
Aling -
Its Mid January now, when is the new Bios available?
-
Categories
- 301 All Categories
- 104 Announcements & News
- 51 Product News - New Product/Product Change Notice/ End-of-life
- 184 Welcome Developers!
- 52 Unboxing & Project Sharing
- 24 Tech Updates
- 548 UP Products
- 1 UP Xtreme i12
- UP Squared Pro 7000
- 1 UP Element i12 Edge
- 10 UP Squared V2
- 25 UP 4000
- 24 UP Xtreme i11
- 34 UP Squared 6000
- 44 UP Squared Pro
- 140 UP Xtreme
- 819 UP Squared
- 1.4K UP Board
- 89 UP Core Plus
- 221 UP Core
- 3 UP Xtreme Lite
- 43 UP AI Edge
- 215 Starter Kits & Peripheral