Intel SA-00086 is a critical vulnerability found in the Intel Management Engine.

Attackers can gain unauthorized access to systems using the Intel® ME feature, and to 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

This includes the following scenarios where an attacker could:

  • Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
  • Load and execute arbitrary code outside the visibility of the user and operating system.
  • Cause a system crash or system instability.

Processor families affected by Intel SA-00086

In short, all machines made with modern hardware from Intel after August 2015 are vulnerable. If the list below doesn’t mean anything to you, run the ‘Intel SA-00086 Detection Tool’.

  • 6th, 7th, and 8th generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 and v6 Product Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon® Processor W Family
  • Intel Atom® C3000 Processor Family
  • Apollo Lake Intel Atom® Processor E3900 series
  • Apollo Lake Intel® Pentium® Processors
  • Intel® Celeron® N and J series Processors

Downloads

  • Lenovo - Official Statement, downloads, affected models