Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2834 Discussions

CSME Detection and Validation Tool reporting vulnerability

SJack2
New Contributor II
‎09-09-2020 06:00 AM
1,779 Views
Solved Jump to solution

Sorry if this is posted in the wrong section, tried navigating and ended up searching for other CSME related posts.

Anyway, read SA-00404 and updated ME firmware to required level and the latest tool still reports a vulnerability. Either the security note is erroneous or the tool is not working correctly?

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.html

Screenshot 

SJack2_0-1599656351928.png

Many thanks

0 Kudos
1 Solution
KenF_Intel
Moderator
‎09-09-2020 11:36 AM
1,763 Views
Solved Jump to solution
In response to KenF_Intel

Hi SJack2,

The version of the tool that you downloaded, version 4.0.1.0, was posted by mistake.

The correct current version, version 3.1.0.0 has been posted and should be used to verify you have the most current AMT firmware.

Version 3.1.0.0 is available at https://downloadcenter.intel.com/download/28632/Intel-Converged-Security-and-Management-Engine-Intel-CSME-Detection-Tool?v=t 

 

Thanks for reporting the problem.

Sorry for the confusion.  

 

Ken

Intel Customer Support

View solution in original post

In response to KenF_Intel
0 Kudos
Copy link

Link Copied

3 Replies
KenF_Intel
Moderator
‎09-09-2020 09:50 AM
1,770 Views
Solved Jump to solution

 Hi SJack2,

Thanks for the report. 

I'll check this with the tool developers and get back to you as soon as possible.

 

Ken

Intel Customer Support

0 Kudos
Copy link
KenF_Intel
Moderator
‎09-09-2020 11:36 AM
1,764 Views
Solved Jump to solution
In response to KenF_Intel

Hi SJack2,

The version of the tool that you downloaded, version 4.0.1.0, was posted by mistake.

The correct current version, version 3.1.0.0 has been posted and should be used to verify you have the most current AMT firmware.

Version 3.1.0.0 is available at https://downloadcenter.intel.com/download/28632/Intel-Converged-Security-and-Management-Engine-Intel-CSME-Detection-Tool?v=t 

 

Thanks for reporting the problem.

Sorry for the confusion.  

 

Ken

Intel Customer Support

In response to KenF_Intel
0 Kudos
Copy link
SJack2
New Contributor II
‎09-09-2020 11:50 AM
1,757 Views
Solved Jump to solution
In response to KenF_Intel

@KenF_Intel thank you

SJack2_0-1599677422942.png

 

In response to KenF_Intel
0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.