Highlighted
StarkyD
1 Nickel

Latitude E5530 non v-Pro / Intel AMT Vulnerability

When scanned with Intel's SA-00075 vulnerability tool, the Dell Latitude E5530 non-vPro model is flagging as vulnerable, even with the latest A18 BIOS revision installed.

I've heard conflicting information as to whether or not the non-vPro model of the E5530 is affected. 

  • I did a Dell chat with basic support and the tech told me I would need to contact Intel.
  • Intel told me even though it is non-vPro, it could be vulnerable to AMT and to contact Dell.
  • Our vendor told me that the SA-00075 tool actually detects the vulnerability and Dell must not have a BIOS available that patches it.  They advised performing the mitigation techniques for models that do not have a BIOS that patches it and the documentation included with the SA-00075 tool gives these techniques.

Is the Latitude E5530 non-vPro model with an A18 BIOS vulnerable to the Intel SA-0075 vulnerability?

5 Replies
Moderator
Moderator

RE: Latitude E5530 non v-Pro / Intel AMT Vulnerability

Hi StarkyD,

AMT is only available on systems that have vPro so I'm not sure that it could be subject to the vulnerability. A BIOS update to address the vulnerability has already been released for the E5530 so I'm sure if the non vPro model was also affected that it would also have been updated by now:

www.dell.com/.../dell-client-statement-on-intel-amt-advisory--intel-sa-00075-

What happens if you try and run the unprovisioning tool?

Let me know how you get on.


DELL-Alasdair R
Social Media Support
#IWork4Dell
I'm based in the UK and I'm usually available Monday to Friday 10am-5pm GMT (BST)
Get Support on Twitter @DellCaresPro


0 Kudos
StarkyD
1 Nickel

RE: Latitude E5530 non v-Pro / Intel AMT Vulnerability

This is the log file generated from the unprovisioning tool:

1:31:51 PM - INTEL-SA-00075 Unprovisioning Tool version 1.0.0.0025.
1:31:51 PM -
1:31:51 PM - Connecting to LMS....
1:31:52 PM - Current Provisioning State: PRE
1:31:52 PM - AMT isn't provisioned. exiting.
1:31:52 PM -
1:31:52 PM - Done.

0 Kudos
StarkyD
1 Nickel

RE: Latitude E5530 non v-Pro / Intel AMT Vulnerability

Risk Assessment

Based on the analysis performed by this tool, this system is vulnerable.

Explanation:
The detected version of the Management Engine firmware is considered vulnerable for INTEL-SA-00075.

If Vulnerable, contact your OEM for support and remediation of this system.
For more information, refer to CVE-2017-5689 in the following link: CVE-2017-5689
or the Intel security advisory Intel-SA-00075 in the following link: INTEL-SA-00075

INTEL-SA-00075 Detection Tool

Application Version: 1.0.3.215
Scan date: 2017-10-16 14:08:31

Host Computer Information

Name: XXXXXXX
Manufacturer: Dell Inc.
Model: Latitude E5530 non-vPro
Processor Name: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Windows Version: Microsoft Windows 7 Enterprise

ME Information

Version: 8.1.40.1416
SKU: Intel(R) Small Business Advantage (SBA)
Provisioning Mode: Not Provisioned
Control Mode: None
Is CCM Disabled: False
Driver installation found: True
EHBC Enabled: False
LMS service state: NotPresent
microLMS service state: NotPresent
Is SPS: False

0 Kudos
Moderator
Moderator

RE: Latitude E5530 non v-Pro / Intel AMT Vulnerability

Thanks for the details.

Is it an individual system you are seeing this on or multiple units?

Can you PM me the service tag of the unit (or the tag of any affected system if multiple units)?

I'll look into this further for you.


DELL-Alasdair R
Social Media Support
#IWork4Dell
I'm based in the UK and I'm usually available Monday to Friday 10am-5pm GMT (BST)
Get Support on Twitter @DellCaresPro


0 Kudos
StarkyD
1 Nickel

RE: Latitude E5530 non v-Pro / Intel AMT Vulnerability

We have approximately 175 of the Latitude E5530 non-vPro.  I have PM'ed you one of the service tags.

Thank You!