MythBusters: CVE-2017-5689 – How We Broke Intel AMT

PRESENTATION SLIDES

WHITEPAPER

Every modern computer system based on Intel architecture has Intel Management Engine (ME) – a built-in subsystem with a wide array of powerful capabilities (such as full access to operating memory, out-of-band access to a network interface, running independently of CPU even when it is in a shutdown state, etc.). On the one hand, these capabilities allow Intel to implement many features and technologies based on Intel ME. On the other hand, it makes Intel ME a tempting target for an attacker. Especially, if an attack can be conducted remotely.

Here, Intel Active Management Technology (AMT) fits perfectly – it is based on Intel ME and means for a remote administration of computer system. In this talk we will discuss the methods of remote pwning of almost every Intel based system, manufactured since 2010 or later.

CONFERENCE
Location: BALLROOM 1 Date: August 24, 2017 Time: 3:00 pm - 4:00 pm Alexander Ermolov Dmitriy Evdokimov Maksim Malyutin