Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Partner Program Sign In
Contact Us

Dell EMC Response to Intel AMT Advisory (INTEL-SA-00075) and CVE-2017-5689 (Common Vulnerabilities and Exposures)

Summary: Dell EMC response to Intel Active Management Technology (iAMT) reported vulnerability: INTEL-SA-00075 and CVE-2017-5689 (Common Vulnerabilities and Exposures). Dell recommends that customers follow best practices for securing internal networks and protecting systems from unauthorized physical access. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

  See Resolution Section.

Cause

  See Resolution Section.

Resolution

Overview

The Intel security team recently published an industry-wide advisory highlighting a vulnerability that can affect systems which support system manageability via Intel Active Management Technology (iAMT), Intel Small Business Technology, or Intel Standard Manageability. These technologies are industry wide and are used by some customers to remotely manage the configuration of client and some enterprise systems.

Dell Engineering has determined that the vast majority of Enterprise products do not support AMT with the exception of the T20 & T30 platforms. All other Dell PowerEdge platforms and remote management controllers are unaffected. Planned BIOS releases are forthcoming and will patch the reported vulnerability.

Details about the vulnerability, immediate mitigation, and detection recommendations are available via Intel’s advisory website.

Recommendation

Dell recommends that customers follow best practices for securing internal networks and protecting systems from unauthorized physical access.

Dell recommends customers follow the Intel published Detection Guide and Mitigation Guide for these systems immediately. Intel has released a Discovery Tool that can be used by local users or IT administrators to determine whether a system is vulnerable to INTEL-SA-00075.

Customers should update to the latest BIOS by downloading the patched releases from Dell.com/support as they become available.

BIOS Release Details

Dell is in the process of releasing BIOS updates for the affected platforms. This list is provided for customer planning purposes and will be updated with release information when available:

BIOS Release Details
Dell Enterprise System BIOS Version BIOS Release Date
PowerEdge T20 A12 15 May 2017
PowerEdge T30 1.0.5 11 May 2017

References

Intel Security Advisory (INTEL-SA-00075): https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
Intel Mitigation Guide: https://downloadcenter.intel.com/download/26754
Intel Detection Guide and Discovery Tool: https://downloadcenter.intel.com/download/26755
CVE-2017-5689:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689

Affected Products

PowerEdge T20, PowerEdge T30
Article Properties
Article Number: 000178181
Article Type: Solution
Last Modified: 17 Aug 2024
Version:  5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.