https://mirror.consumerrights.wiki/api.php?action=feedcontributions&feedformat=atom&user=2001%3A4C3C%3AF02%3A6E00%3A3106%3A192D%3A57B5%3A36D4Consumer Rights Wiki - User contributions [en]2026-05-21T10:41:32ZUser contributionsMediaWiki 1.44.0https://mirror.consumerrights.wiki/index.php?title=Intel_Management_Engine&diff=36080Intel Management Engine2026-02-04T01:57:07Z<p>2001:4C3C:F02:6E00:3106:192D:57B5:36D4: Added additional information about ME and AMT, removed some incomplete text.</p>
<hr />
<div>{{Incomplete section}}{{StubNotice}}{{ProductCargo<br />
|Company=Intel<br />
|ProductLine=Intel Management Engine<br />
|ReleaseYear=2008<br />
|InProduction=Yes<br />
|ArticleType=Service<br />
|Category=Surveillance, Security, Computers, Articles in Need of Additional Work<br />
|Website=https://www.intel.com/content/www/us/en/homepage.html<br />
|Description=An autonomous embedded microcontroller present on Intel chipsets with root system access.<br />
|Logo=Intel logo.svg}}<br />
<br />
The '''Intel Management Engine (ME)''' is an embedded microcontroller integrated into Intel's chipsets since 2008. From version 11 onwards, it runs a (closed-source) modified version of [https://www.minix3.org/ MINIX] as its operating system.<ref name=":4">{{Cite web |date=2023-09-26 |title=What is Intel® Management Engine? |url=https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref><ref name=":5">{{Cite web |last=Ermolov |first=Mark |last2=Goryachy |first2=Maxim |date=28 Aug 2017 |title=Disabling Intel ME 11 via undocumented mode |url=https://web.archive.org/web/20201201175708/http://blog.ptsecurity.com/2017/08/disabling-intel-me.html?m=1 |url-status=dead |access-date=2026-02-04 |website=Positive Technologies}}</ref>.<br />
<br />
The ME is able to access the LAN adapter, giving it access to networks the system is connected to, both wired and wireless.<ref name=":6">{{Cite web |date=2021-02-18 |title=Getting Started with Intel® Active Management Technology |url=https://www.intel.com/content/www/us/en/developer/articles/guide/getting-started-with-active-management-technology.html |access-date=2026-02-04 |publisher=Intel}}</ref><br />
<br />
The power state of the ME is independent from the rest of the system, allowing it to run while the system is turned off, assuming that the system is still receiving power.<ref name=":4" /><br />
<br />
<br />
Additionally, Intel ME also contains several measures to check if it's been tampered with. These include being inaccessible to the machine BIOS or OS, scanning the entire machine every 30 minutes to verify if signature is signed (otherwise shutting down the system), and making it exceptionally difficult to reverse engineer.<br />
==Intel AMT==<br />
One of the services utilizing the capabilities of the Intel ME is '''Intel Active Management (AMT)'''. It is part of a set of technologies marketed as Intel vPro. Intel AMT is built into most modern Intel CPUs, including but not limited to the Intel Core i5, Intel Core i7, Intel Core M, and Intel Xeon series. The AMT has full access to the system and can bypass system firewalls<ref name=":6" /><ref>{{Cite web |date=2021-01-05 |title=Intel® Active Management Technology Developers Guide |url=https://www.intel.com/content/www/us/en/docs/active-management-technology/developer-guide/2021/overview.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref>.<br />
<br />
AMT allows remote management of the system by using the ME's network access, exposing 2 ports through which commands can be issued. Some of the many features of the AMT are:<ref name=":6" /><br />
<br />
* Access to hardware information<br />
<br />
* Remote power control<br />
* [https://software.intel.com/sites/manageability/HLAPI_Documentation/default.htm?turl=Documents%2Fbootcontrol.htm Boot control] <br />
* Wake-on-LAN/Wake on wireless LAN<br />
* Remote Schedule Maintenance (outside firewall)<br />
* KVM (keyboard, video, mouse) remote control<br />
* Updating firmware<br />
<br />
==Security==<br />
Intel ME follows security by obscurity, a concept that if people are unable to view the code, then it makes it more secure, however it's known to be ineffective and posing a huge security risks. Leaves many of these vulnerabilities unpatchable.<br />
<br />
https://www.youtube.com/watch?v=D9BBXBZ5Ifs showcase 1 (2007-09-20)<br />
<br />
https://www.youtube.com/watch?v=joeEBJeUfbk showcase 2 (both ysainthilaire<br />
{| class="wikitable"<br />
|+<br />
|Date<br />
|Description<br />
|CVE<br />
|-<br />
|2009<br />
|Developed by Invisible Things Lab, it was discovered that a bug allowed it to access the machine memory. <ref>{{Cite web |date=2008-08-26 |title=Intel patches the Q35 bug |url=https://theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html |url-status=live |access-date=2026-02-03 |website=The Invisible Things Lab's blog}}</ref><ref name=":0">{{Cite web |first=402 Payment Required |date=2023-06-29 |title=Intel Management Engine |url=https://www.youtube.com/watch?v=lQ8k79yNH2A |url-status=live |access-date=2026-02-03 |website=Youtube}}</ref><ref name=":2">{{Cite web |last=Robin |first=Thibaud |date=2025-03-02 |title=The Mysterious Story of a Troubling Intel Chip |url=https://blog.trackflaw.com/en/the-mysterious-story-of-a-disturbing-intel-flea/ |url-status=live |access-date=2026-02-03 |website=TrackFlaw}}</ref><br />
|CVE-2008-1234<br />
|-<br />
|2010<br />
|An individual by the name of Vassilios Vereris discovered an bypass that allow attackers to remotely enable Intel AMT.<ref name=":0" /><ref>{{Cite web |date=2026-02-03 |title=Disabling Intel ME in Firmware |url=https://ecrsecurity.com/files/DisableIntelME.pdf |url-status=live |access-date=2026-02-03 |website=ecrsecurity}}</ref><ref name=":2" /><br />
|'''Can't Find'''<br />
|-<br />
|2017<br />
|Discovered by Maksim Malyutin from Embedi, a bug in Intel AMT allows an hacker to gain admin privileges from a remote location.<ref name=":0" /> Reportedly, Intel new about this more than 5 years prior from the report SemiAccurate gave to intel, however it was dismissed for unknown reasons.<ref>{{Cite web |last=Demerjian |first=Charlie |date=2017-05-01 |title=Remote security exploit in all 2008+ Intel platforms |url=https://www.semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ |url-status=live |access-date=2026-02-03 |website=SemiAccurate}}</ref> <ref>{{Cite web |last=Armasu |first=Lucian |date=2017-05-02 |title=Intel AMT Vulnerability Shows Intel’s Management Engine Can Be Dangerous |url=https://www.tomshardware.com/news/intel-amt-vulnerability-me-dangerous,34300.html |url-status=live |access-date=2026-02-03 |website=Tom's Hardware}}</ref><ref>{{Cite web |date=2025-01-11 |title=The Vulnerability Uncovered |url=https://umatechnology.org/intel-amt-vulnerability-business-laptops-can-be-exploited-in-mere-seconds/ |url-status=live |access-date=2026-02-03 |website=UMA Technology}}</ref><ref name=":0" /><br />
|CVE-2017-5689.<ref>{{Cite web |date=2017-05-02 |title=CVE-2017-5689 Detail |url=https://nvd.nist.gov/vuln/detail/cve-2017-5689 |url-status=live |access-date=2026-02-03 |website=Nist}}</ref><br />
|-<br />
|2018<br />
|Researchers at F-Secure discovered an exploit regarding Intel AMT that allows an hacker with physical access to the machine to bypass an user, BIOS, Bitlocker, and TPM passwords in a matter of 30 seconds. This bug is more severe against corporate laptops. <ref name=":3">{{Cite web |last=Waldman |first=Arielle |date=2020-09-09 |title=Intel patches critical flaw in Active Management Technology |url=https://www.techtarget.com/searchsecurity/news/252488831/Intel-patches-critical-flaw-in-Active-Management-Technology |url-status=live |access-date=2026-02-03 |website=TechTarget}}</ref><ref>{{Cite web |last=Ashford |first=Warwick |date=2018-01-18 |title=F-Secure highlights another critical Intel security issue |url=https://www.computerweekly.com/news/450433078/F-secure-highlights-another-critical-Intel-security-issue |url-status=live |access-date=2026-02-03 |website=TechTarget}}</ref><ref>{{Cite web |last=Subramaniam |first=Vaidyanathan |date=2018-01-14 |title=Gone in 30 seconds: New Intel AMT exploit is scarier than you can ever fathom |url=https://www.notebookcheck.net/Gone-in-30-seconds-New-Intel-AMT-exploit-is-scarier-than-you-can-ever-fathom.278216.0.html |url-status=live |access-date=2026-02-03 |website=Notebook Check}}</ref><ref>{{Cite web |last=Armasu |first=Lucian |date=2018-01-12 |title=Intel AMT Allows BitLocker Bypass In Under A Minute |url=https://www.tomshardware.com/news/intel-amt-bitlocker-bios-bypass,36321.html |url-status=live |access-date=2026-02-03 |website=Tom's Hardware}}</ref><br />
|no CVE number<br />
|-<br />
|2020<br />
|Several vulnerabilities were found in Intel AMT that allows hackers to add a root kit. <ref name=":3" /><ref>{{Cite web |last=Larabe |first=Michael |date=2020-09-08 |title=Intel AMT Hit By Another "Critical" Security Vulnerability |url=https://www.semiaccurate.com/2016/01/20/intel-puts-out-secure-cpus-based-on-insecurity/ |url-status=live |access-date=2026-02-03 |website=phoronix}}</ref><br />
|CVE 2020-0535<ref>{{Cite web |first=National Vulnerability Database |date=2020-06-15 |title=CVE-2020-0535 Detail |url=https://nvd.nist.gov/vuln/detail/CVE-2020-0535 |url-status=live |access-date=2026-02-03 |website=nist.gov}}</ref><ref>{{Cite web |first=National Vulnerability Database |date=2020-06-15 |title=CVE-2020-0531 |url=https://nvd.nist.gov/vuln/detail/CVE-2020-0531 |url-status=live |access-date=2026-02-03 |website=Nist}}</ref><ref>{{Cite web |first=Intel |date=2020-11-10 |title=2020.2 IPU – Intel® CSME, SPS, TXE, AMT and DAL Advisory |url=https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391.html |url-status=live |access-date=2026-02-03 |website=Intel}}</ref><br />
|}<br />
<br />
==Hidden Deals==<br />
Around 2017, an undocumented flag was discovered that, when set, disables a large portion of the ME. This feature appears to have been requested by the NSA.<ref name=":5" /><ref>{{Cite web |last=Claburn |first=Thomas |date=29 Aug 2017 |title=Intel ME controller chip has secret kill switch |url=https://www.theregister.com/2017/08/29/intel_management_engine_can_be_disabled/ |url-status=live |access-date=2026-02-04 |website=The Register}}</ref> <br />
==Tools and Tips==<br />
<br />
While Intel ME is normally not possible to be disable (except in some cases), there have been tools and tips developed to allow (partially) disabling the ME.<ref>{{Cite web |title=Intel’s Management Engine |url=https://puri.sm/learn/intel-me/ |url-status=live |access-date=2026-02-04 |publisher=Purism}}</ref><br />
<br />
*[https://github.com/corna/me_cleaner ME Cleaner Tool]<br />
*Using an CPU or Computer made before 2008.<br />
*Buying Computers with Intel ME completely disabled like [https://puri.sm/ Purism] and [https://system76.com/ System76]<br />
<br />
==See also==<br />
<br />
*[[Intel]]<br />
*[[Intel CPUs stability issue]]<br />
<br />
==References==<br />
<references /><br />
<br />
https://www.youtube.com/watch?v=Lr-9aCMUXzI <br />
<br />
https://www.csoonline.com/article/562761/researchers-say-now-you-too-can-disable-intel-me-backdoor-thanks-to-the-nsa.html intel response to backdoor accusa<br />
<br />
https://www.youtube.com/watch?v=RPC5f7EJN6U<br />
<br />
<ref name=":1">{{Cite web |last=Portnoy |first=Erica |last2=Eckersley |first2=Peter |date=2017-05-08 |title=Intel's Management Engine is a security hazard, and users need a way to disable it |url=https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it |url-status=live |access-date=2026-02-03 |website=Electronic Frontier Foundation}}</ref><br />
https://leeneubecker.com/intels-secret-backdoor-can-now-be-turned-off/<br />
<br />
https://hackaday.com/2017/12/11/what-you-need-to-know-about-the-intel-management-engine/<br />
<br />
https://www.youtube.com/watch?v=ZpXkJqTAY5Y <br />
<br />
https://www.youtube.com/watch?v=lQ8k79yNH2A<br />
<br />
<br />
turn all the above links into references, though as of writing this i do not have will power to continue.<br />
[[Category:{{PAGENAME}}]]</div>2001:4C3C:F02:6E00:3106:192D:57B5:36D4