Intel has released a security notice regarding its ME, SPS and TXE platforms.
These vulnerabilities provide an entry point at the firmware level, allowing malicious high privilege process to run code and programs before the Operating System.
The vulnerability is also exposed remotely.
Affected Chipsets Include:
- Intel Core Processors 6th, 7th, and 8th Generation
- Intel Xeon E3-1200 V6 and V5
- Intel Xeon Scalable
- Intel Atom C 3000
- Apollo Lake Intel Pentium
- Apollo Lake Intel Atom E3900 series
- Celeron N, J Series.
Please use Intel® Management Engine Critical Firmware Update (Intel-SA-00086) to verify if your system is affected, and then obtain the patches from your hardware vendor, as they become available.