Applicable Products:
CounterACT is not Vulnerable to these issues. Forescout provides mitigation via the use of the Security Policy Template Plugin v17.0.12.
Description:
Any Intel® CPU manufactured since 2008 can be controlled remotely via the Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS). Intel has determined that these platforms are vulnerable and allow unauthorized access to remote systems. Enterprises using Intel’s “remote control” to manage their resources may be critically impacted. Please refer to Intel® Security Alert – INTEL-SA-00086 for further details.
Additionaly, a vulnerability in macOS v10.13.1 (aka High Sierra) allows an attacker to bypass administrator authentication without supplying the administrator’s password (CVE-2017-13872). Apple has released a patch for this issue on Nov 29th, 2017. Please refer to issue number HT208315 via the Apple support portal for more details.
For details and instructions on how CounterACT can help protect you from these vulnerabilities, please login to the support portal and search for Article #4934 (Intel SA-00086) and #4935 (MacOS HT208315) under the Knowledgebase section. To log into the support portal, please have your credentials ready and click here: https://www.forescout.com/support/login/
Legal Disclaimer
THIS NOTIFICATION IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION IN THIS ALERT OR MATERIALS LINKED FROM THIS ALERT IS AT YOUR OWN RISK. FORESCOUT RESERVES THE RIGHT TO CHANGE OR UPDATE THIS ALERT AT ANY TIME.
© 2017. Forescout Technologies, Inc. is a privately held Delaware corporation. Forescout, the Forescout logo, ControlFabric, CounterACT Edge, ActiveResponse and CounterACT (as applicable) are trademarks or registered trademarks of Forescout. Other names mentioned may be trademarks of their respective owners.