Intel ME/AMT Exploit Scan

Posted May 9, 20177 yr

Hey all,

I'm wondering if anyone has put together a script in Pulseway yet to discover the client's vulnerabilty to the latest Intel ME/AMT Exploit (INTEL-SA-00075 / CVE-2017-5689)

Intel provides a scanning tool, but wondering if there is an easy way to automate this scan through pulseway.

Thanks

-P

May 10, 20177 yr

Administrators

Hi there,

You could modify one of the scripts from here: https://forum.pulseway.com/forum/80-powershell to download the zip from a dropbox share link or something similar that's under your control, run it with the following arguments:

Intel-SA-00075-console.exe -n -c -f

And then simply read the output of the xml into the stdout:

Get-Content *.xml

You could then check using a regular expression if the content matches a particular string which denotes that a system is affected by the vulnerability and run this command to fail the script so you will know which systems are affected:

exit 1

-Paul

Create an account or sign in to comment

https://forum.pulseway.com/topic/2007-intel-meamt-exploit-scan/

Followers

Go to topic listing

Sign In

Intel ME/AMT Exploit Scan

Featured Replies

Create an account or sign in to comment

Account

Navigation

Search