Intel Vulnerability Leaves Thousands of PCs Open to Hacker Hijack

Security researchers have warned that a vulnerability in the Active Management Technology (AMT) feature of Intel processor chipsets are open to a remote exploit that could allow malicious hackers to hijack computers.

The AMT is a standard feature of Intel processors and has been so for nearly a decade. Suffice to say, that’s a long line of intel chipsets now vulnerable to an exploit that allows attackers to bypass authentication by simply sending a null string.

The vulnerability was first disclosed earlier this month, revealed in Intel’s Active Management Tech (AMT), Small Business Technology, and Standard Manageability (ISM) platforms that will bring plenty of concern among corporate users.

Systems with an active AMT or ISM implementation was initially thought to be exploitable over a network, with the already-serious vulnerability believed to be susceptible for a complex exploit. However, it was soon revealed that the vulnerability could be exploited with a simple null string at the time of authentication, allowing the attacker instant and complete access to the remote system.

The exploit essentially allows cyber criminals to access a computer’s peripherals, the mouse and keyboard, essentially granting the attacker complete access to the PC. In doing so, the attacker could install additional malware onto the victim’s computer.

Malicious hackers gain access by bypassing the security on the ‘AMT’ port, typically used by remote IT departments to remotely access computers around the world. Hackers are able to gain access to the system through a network port, easily accessed via a web browser.

“We’re able to manage the AMT via the regular web browser as if we’ve known the admin password,” researchers at security group Embedi told the Telegraph. “Keep silence when challenged and you’re in.

While Intel has not disclosed any details of the number of computers affected, a quick scan on public IoT search engine Shodan revealed over 8,000 in number on public networks. That number is certain to compound further on intranet networks of private companies.

Intel has published details on the flaw with a tool that allows users to check if they are vulnerable to the ATM exploit, enabling them to disable the feature.

Image credit: Pixabay.