The problem was discovered in the Active Management Technology, which provides remote access to management of settings and security of the computer. Millions of corporate devices around the world are potentially vulnerable to intruders, F-Secure said.
A hacker trying to gain access to a computer can enter the Intel Management Engine BIOS menu when the device is booted, using a password that is usually set by default, and then configure for itself remote access.
This vulnerability seems deceptively simple, but the potential damage from it is "huge," according to Harry Sintonen, senior security consultant at F-Secure and the one to first discovered the problem.
The security issue “is almost deceptively simple to exploit, but it has incredible destructive potential,” said Sintonen.
Although the initial attack requires physical access to the device, Sintonen explained that the speed with which it can be done makes it relatively exploitable in a so-called “evil maid” scenario.
“You leave your laptop in your hotel room while you go out for a drink. The attacker breaks into your room and configures your laptop in less than a minute, and now he or she can access your desktop when you use your laptop in the hotel WLAN. And since the computer connects to your company VPN, the attacker can access company resources,” the consultant said.
Sintonen further pointed out that even a minute of diverting the attention of the target from their laptop, say at an airport or coffee shop, is enough to do the damage.
