Affected Software
Intel Management Interface <= 1815.12.0.2021
Issue
In my last assessment I discovered an unquoted service path in the Intel Management Engine Interface. In general this could lead to privilege escalation on a system, if the service is running with higher privileges and we (unprivileged user) got writing permissions along the installation path of the executable(howTo).
In this case the service was running as local system (yeah!), but unfortunately we didn’t have any writing permissions in the necessary folders.
Report
Even this isn’t a security vulnerability for itself, i decided to report this finding to Intel.
At first it’s not difficult to fix and unquoted service paths are in general not best practice 😉
Second in misconfigured environments or under some circumstances you could have write permission to some of these folders -> bad!
Intel agreed that this isn’t a security vulnerability, but they decided to appreciate it with a voucher (cool!).
Timeline
- 05/23/19 Vendor informed
- 29.05.19 Vendor asked for additional information
- 05/30/19 Vendor send a voucher via Hackerone
- 05/31/19 I asked to publish this post
- 04.06.19 Vendor asked to wait until end of July
- 31.07.19 Disclosure
Summary
Some companies are taking security very seriously && appreciate the work of researchers (even the finding is only a best practice advice)!
Note: If you like this little post, you should follow me on Twitter😉