an attacker could gain unauthorized access to platform, Intel® ME
feature, and 3rd party secrets protected by the Intel® Management Engine
(ME)
Load and execute arbitrary code outside the visibility of the user and operating system.
please check with your system manufacturer for updated firmware
Acer please respond to this vulnerability with an ME firmware update or a mitigation strategy.
I am running the latest BIOS version (BIOS Version: P01.B3) and I disabled Intel AMT (Active Management Technology) in the BIOS settings, but I am still vulnerable to the exploits.
Intel(R) CSME Detection Tool For Legacy Systems
Application Version: 1.0.16.0
Scan date: 14/10/2020 21:09:02
Risk Assessment
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Management Engine firmware is considered vulnerable for INTEL-SA-00086. Contact your system manufacturer for support and remediation of this system.
For more information refer to the Intel(R) CSME Detection Tool For Legacy Systems Guide or the Intel Security Advisory Intel-SA-00086 at the following link:
https://www.intel.com/sa-00086-supportHost Computer Information
Name:
Manufacturer: Acer
Model: Veriton X4610G
Processor Name: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
OS Version: Microsoft Windows 10 Pro
Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: 7.0.4.1197
Copyright(C) 2017-2019, Intel Corporation, All rights reserved.
You can scan your own computer for Intel ME vulnerabilities with this: Intel detection tool.