On September 8, 2020, Intel disclosed a vulnerability in their Active Management Technology (AMT) as CVE-2020-8758.
Administrators are encouraged to update affected systems to prevent the vulnerability from being exploited. We provided coverage with the below product content updates.
For more information, see
INTEL-SA-00404 – Intel AMT and Intel ISM Advisory.
Network Security Platform product and Network IPS Signature
| Attack Name |
HTTP: Intel AMT Content Length Or Chunk Size Integer Overflow Vulnerability (CVE-2020-8758) |
| Attack ID |
0x45283800 |
| Signature Release Date |
September 8, 2020 |
Exploit Prevention content 10700 for Endpoint Security (ENS) Exploit Prevention and Host Intrusion Prevention (Host IPS)
For more information, see the
Exploit Prevention Content 10700 Release Notes.
| Signature Name |
Signature 6177: Possible Intel AMT attack detected (CVE-2020-8758) |
| Description |
- This event indicates that there was a suspicious attempt made remotely to exploit a vulnerability in Intel AMT, by sending a malicious HTTP POST request. An unauthenticated attacker can exploit this flaw on the same network to gain escalated permission.
- The signature is disabled by default.
|
| Signature Release Date |
October 13, 2020 |
Minimum Supported
Product Version |
ENS Exploit Prevention 10.6.0
Host IPS 8.0.0 Patch 13 |
| Signature Name |
Signature 6178: Intel AMT attack using fragmented packets (CVE-2020-8758) |
| Description |
- This event indicates that there was a suspicious attempt made remotely to exploit a vulnerability in Intel AMT, by sending a fragmented malicious HTTP POST request. An unauthenticated attacker can exploit this flaw on the same network to gain escalated permission.
NOTE: For this signature to work properly, enable the option 'Automatically block network intruders' and set it to greater than or equal to 60 seconds.
- The signature is disabled by default.
|
Minimum Supported
Product Version |
ENS Exploit Prevention 10.6.0
Host IPS 8.0.0 Patch 13 |
| Signature Release Date |
October 13, 2020 |
