Dell PowerEdge Server Statement on Intel ME and Intel TXE Advisory (INTEL-SA-00086) 

Overview

Dell is aware of the Intel ME and Intel TXE Elevation of Privileges vulnerabilities. Dell is diligently working to update the affected platforms. Firmware update details for the affected platforms are listed in this document. We recommend customers update their systems to the latest Intel Management Engine Firmware by downloading the current BIOS releases. We encourage customers to review Intel’s Security Advisory page for information, including appropriate identification and mitigation measures.

In addition, Dell highly recommends that system owners ensure that their systems are physically secured where possible, and follow good security practices to ensure that only authorized personnel have firsthand access to devices.  
 

References

• Intel Security Advisory (INTEL-SA-00086) https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00086.html?wapkw=INTEL-SA-00086
• Intel Management Engine (ME) 11.x: CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, CVE-2017-5712
• Intel Server Platform Service 4.0.x.x: CVE-2017-5706, CVE-2017-5709
• Intel Trusted Execution Engine (TXE) 3.0: CVE-2017-5707, CVE-2017-5710

​Firmware Release Details

The systems that are listed below are affected and updated BIOS releases are now available for download from Dell Support.