Intel® Converged Security and Management Engine (Intel® CSME) 11.x Issue (INTEL-SA-00118)

To improve the robustness of the Intel® Converged Security and Management Engine (Intel® CSME), Intel continues to perform security reviews of Intel CSME with the objective of enhancing firmware resilience. As a result, Intel has identified a security vulnerability that could potentially place affected platforms at risk.

The issue affects Intel® CSME 11.x used in consumer/corporate PCs (Intel® vPro™or not, Intel® AMT or not), IoT devices, and workstations. You may find the affected firmware version on certain products:

• 6th, 7th, and 8th generation Intel® Core™ Processor Family
• Intel® Xeon® Processor E3-1200 v5 and v6 Product Family
• Intel® Xeon® W processor Family

Intel has implemented and validated an Intel® CSME firmware update (version 11.8.50 or higher) that addresses the vulnerability identified. We highly recommend that system administrators and system owners apply all available firmware updates from their system/equipment manufacturer as soon as possible.

View Intel Security Advisory INTEL-SA-00118 for additional details.

Contact your system manufacturer to obtain needed system updates.

Questions and Answers

Click or the question for the answer: