Nytro Posted May 5, 2017 Report Posted May 5, 2017 An authentication bypass vulnerability, which will be later known as CVE-2017-5689, was originally discovered in mid-February of 2017 while doing side-research on the internals of Intel ME firmware. The first objects of interest were network services and protocols. While studying the Intel AMT Implementation and Reference Guide we found out that various AMT features are available through the AMT Web-panel, which is supported by the integrated Web server, which listens to ports 16992 and 16993. Download: https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf Quote
