New, Crippling AMT Exploit Requires 30 Seconds and No Code

New, Crippling AMT Exploit Requires 30 Seconds and No Code

A crippling new vulnerability has been found in AMT’s Intel chipsets, which allows back-door access through a few quickly performed steps without a single line of code.

The vulnerability was announced by Finnish security researchers F-Secure today. The exploit involves merely booting the laptop to the AMT management screen and entering the default password of “admin”.¬†Then by configuring a few other quick steps, the attacker can secure persistent, root level access as long as they can access the compromised machine’s LAN. ZDNet reports that the exploit

…can lead to a clean device being compromised in under a minute and can bypass the BIOS password, TPM Pin, Bitlocker and login credentials…

The Hacker News highlights that this exploit is particularly nasty because it is

…easy to exploit without a single line of code, affects most Intel corporate laptops, and could enable attackers to gain remote access to the affected system for later exploitation.

The exploit is effective on chipsets “…using Intel vPro-enabled processors as well as platforms based on some Intel Xeon processors.

The exploit is unrelated to Meltdown/Spectre and comes in addition to previously revealed AMT security vulnerabilities.

More information can be found at F-Secure’s announcement page and their FAQ on the exploit.