CVE-2020-8353 : Security Advisory and Response
Learn about CVE-2020-8353, a vulnerability in Lenovo Desktop and Workstation systems enabling unauthorized Intel AMT configuration. Find mitigation steps and prevention measures.
Some Lenovo Desktop and Workstation systems were shipped with a vulnerability that could allow an administrative user to configure Intel AMT.
Understanding CVE-2020-8353
Prior to August 10, 2020, certain Lenovo systems had a security issue related to Intel AMT configuration.
What is CVE-2020-8353?
CVE-2020-8353 is a vulnerability found in Lenovo Desktop and Workstation systems that enabled the Embedded Host Based Configuration (EHBC) feature of Intel AMT, potentially allowing unauthorized configuration by local administrative users.
The Impact of CVE-2020-8353
The vulnerability has a CVSS base score of 6.7, with high impacts on confidentiality, integrity, and availability. It requires high privileges and local access for exploitation.
Technical Details of CVE-2020-8353
Lenovo systems were affected by a configuration vulnerability related to Intel AMT.
Vulnerability Description
The vulnerability allowed administrative users with local access to configure Intel AMT due to the EHBC feature being enabled.
Affected Systems and Versions
- Product: Desktop and Workstation systems
- Vendor: Lenovo
- Versions: Unspecified
Exploitation Mechanism
- Attack Complexity: Low
- Attack Vector: Local
- Privileges Required: High
- User Interaction: None
- Scope: Unchanged
Mitigation and Prevention
Steps to address and prevent the CVE-2020-8353 vulnerability.
Immediate Steps to Take
- Use Intel AMT Configuration Utility 12.2.0.150 or later to verify EHBC status.
- Check EHBC Status: ACUConfig.exe /verbose /output console Status
- To disable Intel EHBC: ACUConfig.exe DisableEhbcState
Long-Term Security Practices
- Regularly update and patch systems to prevent vulnerabilities.
Patching and Updates
- Apply security patches and updates provided by Lenovo.