Intel ID: INTEL-SA-00141
Advisory Category: Firmware
Impact of vulnerability: Denial of Service, Information Disclosure
Severity rating: HIGH
Original release: 09/11/2018
Last revised: 09/11/2018


Multiple potential security vulnerabilities in Intel® Active Management Technology (AMT) in Intel® CSME firmware may allow arbitrary code execution, a partial denial of service or information disclosure. Intel is releasing Intel® CSME firmware updates to mitigate these potential vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-3657
Description: Multiple buffer overflows in Intel® AMT in Intel® CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel® AMT execution privilege via local access.
CVSS Base Score: 6.7 Medium

CVEID: CVE-2018-3658
Description: Multiple memory leaks in Intel® AMT in Intel® CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel® AMT provisioned to potentially cause a partial denial of service via network access.
CVSS Base Score: 5.3 Medium

CVEID: CVE-2018-3616
Description: Bleichenbacher-style side channel vulnerability in TLS implementation in Intel® Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
CVSS Base Score: 7.4 High

Affected Products:

Intel® Management Engine (ME):
Updated ME Firmware version Replaces ME Firmware version
Intel® CSME 11.8.55 11.0.x, 11.5.x, 11.6.x, 11.7.x, 11.8.x
Intel® CSME 11.11.55 11.10.x, 11.11.x
Intel® CSME 11.21.55 11.20.x, 11.21.x
Intel® ME 10.0.60 10.0.x
Intel® ME 9.5.65* 9.5.x
Intel® ME 9.1.45* 9.0.x, 9.1.x
Intel® CSME 12.0.6 12.0.3
*resolves CVE-2018-3616 only.


Intel recommends that users of Intel® CSME update to the latest version provided by the system manufacturer that addresses these issues.


Intel would like to thank Hanno Böck, Juraj Somorovsky (Hackmanit GmbH, RuhrUniversität Bochum) and Craig Young (Tripwire VERT) for reporting CVE-2018-3616 and working with us on coordinated disclosure.
CVE-2018-3657 and CVE-2018-3658 were found internally by Intel.

Revision History

Revision Date Description
1.0 09/11/2018 Initial Release

Source: INTEL-SA-00141