Intel Active Management Technology (AMT) detection

info Nessus Plugin ID 102992

Synopsis

A firmware based remote management tool is present and it is potentially enabled on the remote Windows host.

Description

The Intel Management Engine on the remote host has Active Management Technology (AMT).
Intel AMT can enable or disable remote discovery and management of Intel based assets, even when the host operating system is inactive.

If the asset is using a vulnerable version, check the driver version of Intel Management Engine Interface, in the asset's Device Manager.

For further remediation steps, contact the asset vendor.

Note that due to the low-level implementation of Intel ME, Nessus may not be able to identify its version on the remote host at this time.

See Also

http://www.nessus.org/u?fbc250d9

Plugin Details

Severity: Info

ID: 102992

File Name: wmi_intel_amt_detect.nbin

Version: 1.189

Type: local

Agent: windows

Family: Windows

Published: 9/7/2017

Updated: 11/22/2024

Asset Inventory: true

Hardware Inventory: true

OS Identification: true

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/h:intel:active_management_technology, cpe:/o:intel:active_management_technology_firmware

Required KB Items: SMB/WMI/Available

Reference Information

IAVT: 0001-T-0637