Network Security, Patch/Configuration Management, Vulnerability Management

Intel AMT chip bug suspected backdoor, but likely coding error

On Monday, Intel issued an advisory warning of a critical escalation of privilege vulnerability in its firmware that could enable attackers to seize control of its products' manageability features.

The release caused a bit of a stir with one researcher calling the vulnerability a backdoor, while others said the problem was caused by a coding error.

Tatu Ylonen, the inventor of the Secure Shell protocol told SC Media that Charlie Demerjan, the researcher who spotted the flaw, claims to have been urging Intel to fix the issue for several years.

“If his claim is true (I have no reason to doubt it but have no independent evidence), then it begins to sound very much like a backdoor,” Ylonen said in an email to SC Media. “I mean, if someone knows their product has a vulnerability that undermines the security of pretty much every enterprise server in the world and most security tools, wouldn't they want to disclose it to the government, one of their biggest customers?”

Other researchers were not as concerned. Fidelis Cybersecurity threat research manager John Bambenek told SC Media the flaw looks more like a programming error.

“The vulnerability existed for so long likely because the AMT never had a strong and thorough security review and penetration test,” Bambenek said. That said, there is already a security skills shortage generally, the number of people working on firmware security is quite small. ”

MagicCube Founder and Chief Executive Officer Sam Shawki agreed with Bambenek telling SC Media that it doesn't look like a backdoor

"This vulnerability is not a backdoor created by Intel but a security bug in the management services offered through Intel's AMT," Shawki said. "It's a security flaw in a manageability service on the device that controls the behavior of the device and client application interaction with the device."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.