Intel AMT Vulnerability Allow Hack Remotely Critical Escalation Of Privilege Bug
The vulnerability, labeled CVE-2017-5689 , affects Intel remote management technologies, including Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) software, versions 6 through 11.6. Where the Intel AMT Vulnerability resides? To protect Intel AMT Web Interface from unauthorized users, the service makes use of HTTP Digest and Kerberos authentication. The escalation of privilege vulnerability resides in the way Intel AMT Web Interface handles user authentication over HTTP Digest protocol, which is based on a simple challenge-response paradigm. Before going into the technical details about the exploitation of this vulnerability, first, you need to know how the Digest authentication works. The Digest authentication completes in the following steps: Client requests server to initiate login, and in response, the server returns a randomly generated 'nonce' value, the HTTP method, and the reques