Nitro 5 AN515-58-75QD, vulnerability detected by the "Intel CSME Version to Detection Tool.'

chuck33
chuck33 Member Posts: 13

Tinkerer

edited February 15 in Nitro Gaming

Hello everyone,

I'm experiencing an issue with my system related to a vulnerability detected by the "Intel CSME Version Detection Tool." It seems like my system is affected, but I'm not sure if others are experiencing the same problem. Has anyone else encountered this issue?

Notebook: Nitro 5 AN515-58-75QD
Rif. NH.QFLET.002

Thanks in advance for any help or information you can provide.

[Edited the thread to add issue detail]

Answers

  • JackE
    JackE ACE Posts: 44,889 Trailblazer

    Yes, see this link. Many have reported this issue with other manufacturers. Quite common in fact. I wouldn't fret over it too much. Most vulnerabilities seem to be overhyped & poorly-defined as to exactly what kind and probabilities of bad things might happen

    Jack E/NJ

  • eGomes
    eGomes Member Posts: 4,302 Guru

    Hello @chuck33,

    Have you checked if the BIOS / UEFI firmware on your Nitro AN515-58 is updated with the latest version (2.10) available!?

    https://www.acer.com/us-en/support/product-support/AN515-58/NH.QFLET.002/downloads

  • chuck33
    chuck33 Member Posts: 13

    Tinkerer

    edited February 22

    Hello eGomes,
    I updated the BIOS to version 2.10 as soon as it was released because I had discovered about the vulnerability in August 2023.


    I was confident that this update would fix the issue, but unfortunately, nothing has changed. It's as if Acer isn't aware of it. In this link my Nitro isn't even listed https://community.acer.com/en/kb/articles/10179-intel-security-vulnerabilities-regarding-intel-management-engine-me-intel-server-platform-services-sps-and-intel-trusted-execution-engine-txe

  • JackE
    JackE ACE Posts: 44,889 Trailblazer

    As mentioned in the other thread, you have to keep checking for updates like the rest of us users for your model at this link or on Acer downloads We are neither Acer employees nor service reps. So we have no way of knowing when or even if the updates will be released.

    Jack E/NJ

  • eGomes
    eGomes Member Posts: 4,302 Guru
    edited February 27

    @chuck33,

    The current UEFI firmware version 2.10 available for Nitro AN515-58 contains two .FD files:

    I believe that these firmwares are applied to this same Nitro AN515-58 series, but that have Intel® Processors or PCH revision differents.

    Surprisingly, when using the ME Analyzer tool, it is possible to notice that these .FD files have completely different versions of Intel CS(ME), as well another modules:

    HH514X64.FD:

    ╔═══════════════════════════════════════════╗
    ║ ME Analyzer v1.304.4 r343 ║
    ╚═══════════════════════════════════════════╝
    ╔════════════════════════════════════════════╗
    ║ HH514X64.FD (1/1) ║
    ╟─────────────────────────────┬──────────────╢
    ║ Family │ CSE ME ║
    ╟─────────────────────────────┼──────────────╢
    ║ Version │ 16.0.15.1735 ║ ←——— current version CS(ME) installed in your's system
    ╟─────────────────────────────┼──────────────╢
    ║ Release │ Production ║
    ╟─────────────────────────────┼──────────────╢
    ║ Type │ Extracted ║
    ╟─────────────────────────────┼──────────────╢
    ║ SKU │ Consumer LP ║
    ╟─────────────────────────────┼──────────────╢
    ║ Chipset │ ADP-LP A ║
    ╟─────────────────────────────┼──────────────╢
    ║ TCB Security Version Number │ 1 ║
    ╟─────────────────────────────┼──────────────╢
    ║ ARB Security Version Number │ 2 ║
    ╟─────────────────────────────┼──────────────╢
    ║ Version Control Number │ 2 ║
    ╟─────────────────────────────┼──────────────╢
    ║ Production Ready │ Yes ║
    ╟─────────────────────────────┼──────────────╢
    ║ OEM Configuration │ Yes ║
    ╟─────────────────────────────┼──────────────╢
    ║ FWUpdate Support │ No ║
    ╟─────────────────────────────┼──────────────╢
    ║ Date │ 2022-02-17 ║
    ╟─────────────────────────────┼──────────────╢
    ║ File System State │ Configured ║
    ╟─────────────────────────────┼──────────────╢
    ║ Size │ 0x4B6000 ║
    ╟─────────────────────────────┼──────────────╢
    ║ Flash Image Tool │ 16.0.15.1735 ║
    ╚═════════════════════════════╧══════════════╝
    ╔═════════════════════════════════════════════╗
    ║ Power Management Controller ║
    ╟─────────────────────────────┬───────────────╢
    ║ Family │ PMC ║
    ╟─────────────────────────────┼───────────────╢
    ║ Version │ 160.1.00.1023 ║
    ╟─────────────────────────────┼───────────────╢
    ║ Release │ Production ║
    ╟─────────────────────────────┼───────────────╢
    ║ Type │ Independent ║
    ╟─────────────────────────────┼───────────────╢
    ║ Chipset SKU │ LP ║
    ╟─────────────────────────────┼───────────────╢
    ║ Chipset Stepping │ A ║
    ╟─────────────────────────────┼───────────────╢
    ║ TCB Security Version Number │ 0 ║
    ╟─────────────────────────────┼───────────────╢
    ║ ARB Security Version Number │ 0 ║
    ╟─────────────────────────────┼───────────────╢
    ║ Version Control Number │ 0 ║
    ╟─────────────────────────────┼───────────────╢
    ║ Production Ready │ Yes ║
    ╟─────────────────────────────┼───────────────╢
    ║ Date │ 2022-02-16 ║
    ╟─────────────────────────────┼───────────────╢
    ║ Size │ 0x40000 ║
    ╟─────────────────────────────┼───────────────╢
    ║ Manifest Extension Utility │ 16.0.15.1709 ║
    ╟─────────────────────────────┼───────────────╢
    ║ Chipset Support │ ADP ║
    ╚═════════════════════════════╧═══════════════╝
    ╔═══════════════════════════════════════════╗
    ║ Platform Controller Hub Configuration ║
    ╟─────────────────────────────┬─────────────╢
    ║ Family │ PCHC ║
    ╟─────────────────────────────┼─────────────╢
    ║ Version │ 16.0.0.1012 ║
    ╟─────────────────────────────┼─────────────╢
    ║ Release │ Production ║
    ╟─────────────────────────────┼─────────────╢
    ║ Type │ Independent ║
    ╟─────────────────────────────┼─────────────╢
    ║ TCB Security Version Number │ 0 ║
    ╟─────────────────────────────┼─────────────╢
    ║ ARB Security Version Number │ 0 ║
    ╟─────────────────────────────┼─────────────╢
    ║ Version Control Number │ 0 ║
    ╟─────────────────────────────┼─────────────╢
    ║ Production Ready │ Yes ║
    ╟─────────────────────────────┼─────────────╢
    ║ Date │ 2021-08-12 ║

    IH51Ax64.fd:

    ╔═══════════════════════════════════════════╗
    ║ ME Analyzer v1.304.4 r343 ║
    ╚═══════════════════════════════════════════╝

    I may be wrong, but it seems that they forgot to update the Intel CS(ME) module in one of these files that were made available!!!

    You can try contacting the Acer Support Center to report this vulnerability issue via the e-mail below:

    https://community.acer.com/en/kb/articles/13285-report-a-vulnerability

    But I don't believe it and I doubt they'll do anything! 😒

  • chuck33
    chuck33 Member Posts: 13

    Tinkerer


    Wow, thank you so much for the analysis you provided.
    I just noticed that a new version has been released: 2.11. I just performed the update, and unfortunately, the situation remains unchanged.
    I ran the analysis you provided with "MeAnalyzerTool" on the new BIOS, and the situation remains unchanged.
    I will write to vulnerability@acer.com as you suggested, also mentioning this discrepancy between IH51Ax64.fd and HH514X64.fd, and asking for further clarification. As soon as I receive updates on this matter, I will communicate them promptly.

    Thank you again.

  • chuck33
    chuck33 Member Posts: 13

    Tinkerer

    Finally, Acer has deigned to release the update that I have been waiting for so long:

    What really upsets me is the attitude of the support service that limited themselves to copying and pasting the previous answer to each of my emails. On the phone, they told me that they were not aware of what I was reporting, that I was the only one making such a report. The system did not even appear vulnerable in this list https://community.acer.com/en/kb/articles/13633-security-vulnerabilities-in-intel-active-management-technology-amt-and-intel-standard-manageability-ism-may-allow-escalation-of-privilege but in the end today they released this correction, and they did not even bother to notify me by responding to one of the many emails I sent about it, the first one dates back to August 6, 2023.

    Sorry for the outburst and thanks to everyone, especially to eGomes for the analysis he did. I like to think that it is thanks to his analysis that I forwarded to support and the report that I sent to vulnerability@acer.com that everything has been resolved.