Intel Corporation (“Intel”) announced that there is an escalation of privilege vulnerability in the remote manageability feature via certain Intel’s products, including Intel® Active Management Technology firmware. Firmware update for Toshiba products is in preparation. Until the firmware update is available, customers who have an affected product are recommended to keep this feature disabled (please see 3. Recommendations).
1. Intel’s security information on vulnerability
Intel published security information about an escalation of privilege vulnerability in Intel® Active Management Technology, Intel® Standard Manageability, and Intel® Small Business Technology firmware (*) that can allow an unprivileged attacker to gain control of the manageability features provided by these products.
As an option to mitigate against the possibility of an unprivileged network attacker, Toshiba recommends customers to disable “Intel® Active Management Technology” in accordance with the steps detailed in the below website: