>CVE-2019-0169
>Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.
>CVE-2019-11131
>Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Note these are "unautheticated user" and some of those are "via network access".
This is very scary. Anyone with expertise could have access to your memory content.
I don't think this is purely incompetence from developers.
>>9320 Which brings into question, what do users do with non-networked machines? Just keeping things up-to-date will require networking or using a medium to transfer updates. Most individuals use computers for communication or exchanging data.
>>9393 >then told you
No, they tell anyone who is listening - which is normally their own people, and the deaf goyim completely miss the message.
It is part of the hubris. "We did told the goyim and they didn't complain, so they must be ok with it."
>OP: Backdoor is reel goyz!
<No shit. Here is an explanation inserted into media 10 before your post.
>I is faggit: That make no sense.
<It's as common af policy, noticed by nanon WHERE IQ != sperg
>>9401 >Y u no contributes? Stop post nao!
OK. Here you go faggit since you're several years late to the 'party' - pic related is from Intel anon nearly 3 years ago about Intel ME accessing memory.
>>9402 The problem with these new vulnerabilities, it affects the Intel CPUs from just before IME started shipping. Which, while not blazing fast or energy efficient, are still usable for tasks. Intel specifically said they wouldn't fix these with microcode updates and it was mentioned that even if they did, it's unlikely that any board manufacturers would update the firmware to use the fixes.
For this reason alone, you should be dumping Intel. There may be some edge cases where you could use existing Intel systems, but they would need to be on a separate LAN/VLAN that doesn't connect to the Internet. You could use them for video processing or number crunching, but nothing else.
>>9391 >Congrats for Intel. Such a secure hardware.
Your sentence seems to imply that it's a bug and intel engineers failed at something. But all or most of these backdoors are features, they were designed to be like this
>>9409 >How do we know that other chips arent pozzed as well and just arent interesting enough for a leak to occur? (genuinely interested)
we don't know for sure, but there is possibility there are safe or safer than this shit. with Intel you are guaranteed to have all your RAM and HDD transferred to Tel Aviv using 3G chip in your CPU and networking
>>9406 All the 'relevant' big games either have an online mode, are entirely multiplayer, or are only accessible by connecting to the internet.
99.99% of the culture around whatever game is almost certaintly internet based.
As >>9382 noted, the whole point of computers (especially nowadays), is for communication.
Even dedicated gaming computers/consoles have networking capabilities. They do often use different CPUs, though.
If we drop the communication aspect, why the fuck are we using computers!? Databases? We might as well go back to typewriters & calculators or something.
Continuing with >>9409's thinking, do we think the other two x86/64 manufacturers are worthy "secure" alternatives (AMD & VIA)?
>>9415 > 3G chip in your CPU
You mean permanently disconnecting the thing from the internet wont save me? Hows that even possible
If there is a 3G chip in there there must be a way to prove it, right? Its detectable if its transmitting something
Thats some next level conspiracy right there
>>9423 >You mean permanently disconnecting the thing from the internet wont save me? Hows that even possible
>If there is a 3G chip in there there must be a way to prove it, right? Its detectable if its transmitting something
>Thats some next level conspiracy right there
yes goyim, that is a consipracy, do not believe the schizos!!!
https://en.wikipedia.org/wiki/Intel_vPro >Moreover, Sandy Bridge and future chips will have, "...the ability to remotely kill and restore a lost or stolen PC via 3G.
>3G
A 3G radio chip without an antenna inside a desktop enclosure isn't exactly going to offer stellar reception. Not saying you've nothing to worry about, but I am saying that connectivity isn't exactly going to be fast/good in any case.
>>9425 Intel Anti Theft did not use a 3g modem built into the processor. It was able to use an existing 3g modem in your computer directly.
If the processor did have a modem in it why wouldn't they expose it to the operating system and use it as a selling point?
>>9402 This is not proof. It's just some random guy writing in a imageboard. What we have now is not just proof, but als PoCs.
I'm not late to the party, I'm just not so fast in calling everything a "jews backdoor".
Just saying "I knew it!" doesn't make you actually "know" it.
Stop acessing /pol/. These worms are eating your rationality.
>>9408 >it affects the Intel CPUs from just before IME started shipping.
No, it doesn't.
>>9415 >using 3G chip in your CPU
That's horse crap.
>>9434 <it affects the Intel CPUs from just before IME started shipping.
>No, it doesn't.
Not all of the newly discovered CPU HW vulnerabilities affect the old processors, but some do. The IME specific vulnerabilities won't, of course, or the "Intel CPUs Since Haswell Vulnerable to "Zombieload v2 Attacks ..."
>>9425 No, Intel CPUs don't have embedded 3g modems.
Anti Theft 3.0 has an option to use 3rd party modems if they're present in the laptop.
>Intel® Anti-Theft Technology
>* notification via an encrypted SMS text message over a 3g network. For this option, the laptop does not need to be connected to the Internet, but it must be within range of a 3G network. This feature works even if the OS is not running or has been re-installed, thanks to a hardware-to-hardware link between the 3G card and the Intel AT system.²
>2 This feature requires a laptop with Intel® Anti-Theft Technology (Intel® AT) 3.0, a 3G laptop modem that supports Intel AT 3.0 functionality (for example, the Ericsson F5521gw), and OEM-enabled communication between the 3G modem and laptop
https://www.intel.com/content/dam/doc/product-brief/mobile-computing-protect-laptops-and-data-with-intel-anti-theft-technology-brief.pdf
>>9434 >I know every article disclosing more about Intel ME for the last 3 years has proven your post pic 100% correct in every way possible nanon, but that doesn't mean it is true.
I haven't seen shilling this bad for years. Seriously. Quit and go make babies. You're not cut out for this, children are a career choice you'll never regret, and this lot will only (ab)use you.
>Just saying "I knew it!" doesn't make you actually "know" it.
I guess you'll have to keep waiting for the secret agency to announce it on TV instead ...oh wait! You are the agency! My bad.
>>using 3G chip in your CPU
>That's horse crap.
So 4/6G or modulated power lines? You sneaky f*kers! ;^)
>>9445 Well thats just so fucking great. I suppose it was naive of me to think that i have any control at all
So it is managed by a secondary chip separate from the main unit? Would it be possible to disable it somehow? If it has its own os on (im assuming) a flash memory somewhere on the chip, maybe giving it a little stab would disable it, leaving the main unit undamaged? I dont like the variant of just not buying anything from intel much because the other ones are very likely pozzed as well, here i just have the advantage of knowing how exactly it is that they are/might be spying on me
Are there plans of the thing somewhere, maybe i can fix it with a microscope and a knife
Also is there a separate source of energy in a laptop despite the main battery? Could it run on the little flat thing that powers the bios settings
Also are there non-american designed cpus that i could buy that you would recommend?
>>9445 The amount of bullshit in this pic you posted is impressive. We could fill a full tank with this amount.
>>9446 >has proven your post pic 100% correct in every way
Everyone at the time of this post knew these informations. Where did you get this pic? I participated very activelly on 8ch /tech/ *before* this post happened and I said the exact same things. The only difference is that the anon in the pic is "impersonating" some Intel employee and this gives him "appeal to authority". Stop believing everything you see. Do you research based on facts first.
Also, some of his information is incorrect.
>cannot be disabled
Not true. We can do that now in some hardware.
>If you have an i3, i5 or i7 [...]
Intel microcode runs even before the "iX" line of processors. Not the ME, but the microcode (which already had many functionalities in it).
>Through the ME we can activate the mic and webcam even though the computer appears to be off or sleeping
Absolutely no evidence of that. Let alone they do that remotely. This would have jumped right off when doing companies do traffic analysis using a network switches.
Back at your retardation:
>I guess you'll have to keep waiting for the secret agency to announce it on TV instead
I don't need to wait. The evidence that just came out and I posted on OP, >>9314 and >>9391 pretty much proves there is serious vulnerabilities on Intel microcode.
It doesn't proves though that these are malicious and not simply mistakes. I personally think they are not mistakes, but I have no proof. That's the difference between me and you: you assume things you don't know. I don't.
>>9449 >Would it be possible to disable it somehow?
Read for yourself, it will do good for you to search and learn some stuff on your own first. Start searching for "open source firmware" on your search engine of choice.
>>9457 (me)
Btw, he had to have security clearence because that's a low-level mechanism in a processor. That's normal in industry and anyone who is familiar with this industry knows it. This is also true for developing internal components (RTL), for foundries (all of them, GlobalFoundries, TSMC, etc) and even for accessing the RTL/GDSII/photomasks.
I don't doubt, though, that Intel has direct contact with the military, as they have been funded by them (as was IBM and a bunch of other companies).
>>9449 >disabling ME
ME_cleaner compiled into Coreboot, or Libreboot itself.
>other CPUs
Different nanon here.
I would say ARM and PowerPC/IBM POWER 9 are the most mature non-Intel archs/systems.
IBM is American though.
Take a look at the Raptor Systems, and the likes of the Talos II. They are as good as it gets AFAIK when it comes to non-Intel.
For PPC laptops there's always the old Powerbooks from Cr-Apple (though ostensibly from before they were crap).
Purism also has some thongs going for them, but use Intel, but do the best they can.
System76 was/is trying to do what Purism does, not sure how close they are though.
Then you have core/librebooted Thinkpads, Viking and similar or just DIYing it.
ARM devices would be Chromebooks, most tablets/phones etc.
There's also RISC-V and OpenRISC, which are supposedly very immature, and what boards exist are RPI-tier.
VIA is not American (Chinese), but makes x86(64?) CPUs, they have (like AMD) a license from Intel.
>>9449 Yes, there is a secondary chip. There are groups of people working on reverse engineering the software within and removing/dismantling it but it's only been recently (ie the past few months) that it's been figured out well enough with enough software and tutorials to not accidentally brick your computer, or at least recover after you brick it. Apparently it's possible to remove the entire network stack and a few other features from it now. I'll see if i can find some of the videos talking about it. You still have to access the chip and use a secondary computer to read/write data with.
>>9457 >The amount of bullshit in this pic you posted is impressive.
I chuckled at "Free<space>BSD" and then stopped reading at "vPro processor". vPro is not a processor, it's just the marketing name for a group of management features. ME is the processor.
>>9446 >I guess you'll have to keep waiting for the secret agency to announce it on TV instead
I'm waiting for reproducible technical analysis of the firmware and hardware.
You just keep posting shitty opinion pieces from people who don't know the first thing about tech.
>you assume things you don't know. I don't.
>I don't make assumptions.
>I don't doubt, though, that Intel has direct contact with the military, as they have been funded by them (as was IBM and a bunch of other companies).
>I currently have no proof, but will assume based on circumstantial evidence I'm aware of.
>My assumption is..
Hmmmm. Ok.
>I participated very activelly on 8ch /tech/
oy vey! Then you've seen my all is botnet memes faggit.
There's no conspiracy here. Intel is a shit corporation just like a million other. When it's 2006 and you see Intel(TM) SuperDuper(R) WebCamVideoAudioIntegration(C) in the advertising the common sense reaction is turn 360 degrees and walk out.
13 years later cucksumers read a newspaper saying there actually ARE vulns in this moronic development process (WOW! SURPRISE!!!!). And now every /pol/nigger and his mom goes around spouting INTEL IS BOTNET while at the same time calling people POORFAG for not buying similar bullshit from a different brand.
TL;DR
WHY THE FUCK WOULD YOU BUY A CPU WITH """WEBCAM SUPPORT""" AS A FEATURE???!?!?! nvm you retards probably also buy cars with "Smart" technology in them
>>9497 >Intel(TM) SuperDuper(R) WebCamVideoAudioIntegration(C)
Source? It's hard to understand what the fuck you're even trying to reference when you type like a nigger.
>>9573 >Source?
>you type like a nigger
Not that nanon, but it's ironic you read like a nigger (i.e. you can't read).
>>9497 >it's 2006 and you see Intel(TM) SuperDuper(R) WebCamVideoAudioIntegration(C) in the advertising
>in the advertising
>advertising
I may be wrong (I'm not) but the nanon's source is probably Intelbotnet 2006 advertising.
>>9574 >I may be wrong (I'm not) but the nanon's source is probably Intelbotnet 2006 advertising.
Still no idea what you're referencing.
https://duckduckgo.com/html?q=Intelbotnet%202006%20advertising I'm guessing this is some kind of braindead /g/ meme? I wouldn't be too proud about getting it to be honest dude.
>I was in 8ch /tech/
>I'm guessing this is
>I haven't seen a central /tech/ meme that was running for a number of years
Hmmm. What is "continuity between shifts"?
Still, you get paid for keeping the seat warm, not professionalism.
>>9445 intel's extra-CPUlar features (e.g pretty much anything that's not arithmetic) were known to be broken since the early 2000s possibly the 90s. it was routine for infosec conferences to contain 10 talks breaking crap in the CPU every year.
>>9573 >>9589 It's not a /g/ meme, it's an Intel meme they made unto themselves. They literally have lists in their documentation that go like
>Intel (R) Blah (TM) Whatever The Fuck 2.0 (C)
>Intel (R) Blah (TM) Whatever The Fuck 3.0 (C) Featuring Intel (R) Blah (TM) Niggerjew 5.0 (C)
>Intel (R) Blah (TM) Whoever The Fuck 2.2 (C) Featuring Intel (R) Blah (TM) Niggerjew 5.0 (C)
>Intel (R) Blah (TM) However The Fuck 6.0 (C)
>Intel (R) Blah (TM) Whichever The Fuck 24.3.4 (C)
they had shit like webcam integration, wireless integration, or whatever the fuck listed in their CPU specs a long time ago, but
I couldn't find what I was looking for on their link maze (on top of being hard to browse on archive.org) so I'll just paste vpro stuff from 2006 instead:
> Intel® vPro\u2122 technology and Microsoft Windows Vista* multiply the efforts of every individual, team, and manager while helping you make the greatest possible contribution to your company's success. And with the power of Intel vPro technology, you'll experience the very best Microsoft Windows Vista has to offer:
>See at a glance how Intel vPro technology and Windows Vista work together to provide incredible multitasking, enhanced security, and unrivaled performance for business.
>"The built-in management, proactive security, and energy-efficient performance benefits of Intel vPro technology working with Microsoft Windows Vista will dramatically improve the end-user's and the IT manager\u2019s experience," said Gregory Bryant, general manager, Intel Digital Office Platforms Group. "Intel vPro technology based PCs, which feature the Intel® Core\u21222 Duo Processor and Intel's latest integrated graphics, meet Windows Vista Premium hardware logo requirements, and help enable all the terrific visual benefits Windows Vista brings, including a smooth, reliable Windows Aero* user experience."
>"Microsoft and Intel are working closely together to deliver an exciting new experience for mainstream business and consumer computing," said Kevin Johnson, co-president of the platforms and services division at Microsoft. "Microsoft's upcoming Windows Vista will take advantage of the fast, reliable performance in the new Intel Core 2 Duo processor. The combination of the Intel Core 2 Duo processor and Intel® chipsets with the latest integrated graphics are Windows Vista Premium Ready, and will help users experience all the terrific benefits Windows Vista brings including the Windows Aero user experience and enhanced reliability, search and security capabilities."
>"The built-in management, proactive security, and energy-efficient performance benefits of Intel vPro technology working with Microsoft Windows Vista will dramatically improve the end-user's and the IT manager\u2019s experience," said Gregory Bryant, general manager, Intel Digital Office Platforms Group. "Intel vPro technology based PCs, which feature the Intel® Core\u21222 Duo Processor and Intel's latest integrated graphics, meet Windows Vista Premium hardware logo requirements, and help enable all the terrific visual benefits Windows Vista brings, including a smooth, reliable Windows Aero* user experience."
>"Microsoft and Intel are working closely together to deliver an exciting new experience for mainstream business and consumer computing," said Kevin Johnson, co-president of the platforms and services division at Microsoft. "Microsoft's upcoming Windows Vista will take advantage of the fast, reliable performance in the new Intel Core 2 Duo processor. The combination of the Intel Core 2 Duo processor and Intel® chipsets with the latest integrated graphics are Windows Vista Premium Ready, and will help users experience all the terrific benefits Windows Vista brings including the Windows Aero user experience and enhanced reliability, search and security capabilities. "[http://web.archive.org/web/20061206013644/http://www.intel.com/business/windowsvista/index.htm?iid=biztab+vpro_msvista]
tl;dr we put userspace into the CPU fuck you it's for business reasons you wouldn't understand because you're not a big boy Actually, due to certain theorems and the cocksucker heirarchy, everytime a corporation uses the word "security" to describe a product, it means they just created a vulnerability that wouldn't have existed otherwise. If they use the word "software" in the context of hardware, the hardware is now insecure whereas security wasn't even a concept before because it was perfectly fine and flawless before
- Intel shit - blah bblah your CPU is secure now unlike before - result: remotely controllable hardware vulns
- WPS - something something security - result: you can get on any router's wireless AP and it will even send you its password
- you're money is secure! :) we limited your bank password to 8 characters because that is what the "security" word on my todo list means right? - result: you can call bank and say what pizza place the target ate at yesterday, and they will let you into their account
- uConnect - we put computer in your car wow - result: remote controllable cars (PoC only showed something like applying/disabing breaks, which is bad enough), each with their own IP address you can individually log into. corporation response is new advertisements literally saying "cars are like smartphones now, they need updates to stay secure"
- we put a computa in ur TV you are rich now because rich people have that shit - result: RCE vuln in TV, put software on to log the user's voice
actually it's funny because in the mid 2000s before anyone knew what a Smart TV was, the infosec community already demonstrated exploits in them all the time. literally every time i heard that, my first thought would be "what the fuck is a smart tv"
the reasons behind it are interactions between econonmy, retarded mindset of modern society, garbage engineering education, etc but the end result is it's that simple: if they use the word "security" their shit is broken
another way of looking at all this is that these are just diseases of affluence
VPro was known to be an issue at the time, but it could be avoided by using slightly older laptops (of the time). The VPro shit also required specific chipsets in combination with the CPU so if you avoided those chipsets, the VPro interface was missing.
For Intel AMT release 9.0 (4th Generation Intel Core i5 and Core i7):
22 nm Intel 4th Generation Core i7 Mobile processors[40]
22 nm Intel 4th Generation Core i5 Mobile processors[41]
Mobile QM87 chipsets[42]
For Intel AMT release 8.0 (3rd Generation Intel Core i5 and Core i7):
32 & 45 nm Intel 3rd Generation Core i7 Mobile processors[43]
32 & 45 nm Intel 3rd Generation Core i5 Mobile processors[44]
Mobile QM77 & Q77 chipsets[42]
For Intel AMT release 4.1 (Intel Centrino 2 with vPro technology):[45]
45 nm Intel Core2 Duo processor T, P sequence 8400, 8600, 9400, 9500, 9600; small form factor P, L, U sequence 9300 and 9400, and Quad processor Q9100
Mobile 45 nm Intel GS45, GM47, GM45 and PM45 Express chipsets (Montevina with Intel Anti-Theft Technology) with 1066 FSB, 6 MB L2 cache, ICH10M-enhanced
For Intel AMT release 4.0 (Intel Centrino 2 with vPro technology):[7][11]
45 nm Intel Core2 Duo processor T, P sequence 8400, 8600, 9400, 9500, 9600; small form factor P, L, U sequence 9300 and 9400, and Quad processor Q9100
Mobile 45 nm Intel GS45, GM47, GM45 and PM45 Express chipsets (Montevina) with 1066 FSB, 6 MB L2 cache, ICH9M-enhanced
For Intel AMT release 2.5 and 2.6 (Intel Centrino with vPro technology):[6][8][46]
Intel Core2 Duo processor T, L, and U 7000 sequence3, 45 nm Intel Core2 Duo processor T8000 and T9000
Mobile Intel 965 (Broadwater-Q) Express chipset with ICH8M-enhanced
Note that AMT release 2.5 for wired/wireless laptops and AMT release 3.0 for desktop PCs are concurrent releases.
Desktop PC requirements
Desktop PCs with vPro (called "Intel Core 2 with vPro technology") require:
For AMT release 5.0:[47]
Intel Core2 Duo processor E8600, E8500, and E8400; 45 nm Intel Core2 Quad processor Q9650, Q9550, and Q9400
Intel Q45 (Eaglelake-Q) Express chipset with ICH10DO
For AMT release 3.0, 3.1, and 3.2:[6][7][11]
Intel Core2 Duo processor E6550, E6750, and E6850; 45 nm Intel Core2 Duo processor E8500, E8400, E8300 and E8200; 45 nm Intel Core2 Quad processor Q9550, Q9450 and Q9300
Intel Q35 (Bearlake-Q) Express chipset with ICH9DO
Note that AMT release 2.5 for wired/wireless laptops and AMT release 3.0 for desktop PCs are concurrent releases.
For AMT release 2.0, 2.1 and 2.2:[6][8][46]
Intel Core 2 Duo processor E6300, E6400, E6600, and E6700
Intel Q965 (Averill) Express chipset with ICH8DO
>>9676 >I couldn't find what I was looking for on their link maze
Because you made it up.
>tl;dr we put userspace into the CPU fuck you it's for business reasons you wouldn't understand because you're not a big boy
It doesn't say that. It doesn't say anything actually, you're just projecting.
>>9703 >>Intel vPro
>nanon made up claimes
Lel! Yes nanon made up Intel v(ery)Pozzed being pozzed, all of us in this thread are LARPing.
Go buy the latest cucksumer InTelAviv botware. It is safe for you.
CONSUME. OBEY.
>>9872 Probably nothing. The most likely scenario is that AMD wasn't criminally irresponsible and negligent in the development of their CIAnigger backdoors.
>>9872 The history shows that AMD has less vulnerabilities regarding microcode. Both modern processors from both companies are not good enough. But if you need x86, AMD is the way to go right now.
Also, AMD has helped open source community when requested. They help on Mesa/AMDGPU and the new Vulkan driver. They also show interest in coreboot. The PCEngines APU2 is considered one of the best development platforms for coreboot yet.
Another point is that if you buy from Intel you're actually helping their dirty business. I don't want to be part of that.
So, if you need x86, go for AMD. If you don't specifically need x86, go to NXP SoCs (iMX6 or iMX8) and wait for RISC-V to finally come.
>>9996 Their hardware is too expensive. Also, few operating systems have support for POWER9. When they do, they lack security features (some or all grsec features, for example) and ported programs.
It's cool that IBM made POWER9 public, as well as Oracle making SPARC64 and the release of MIPS too. This helps EE researchers. But do you know why they did that? Because they are all dead architectures. IBM has a new ISA, Oracle is just using x86 and MIPS is only used in routers now.
>>9999 >RISC-V will be pozzed by CISC
What do you mean? Only x86 is CISC. The biggest industry competitor for RISC-V is ARM, but it's RISC too. Don't get your point.
>it'll still be less glowy than x86
>still
Some companies are indeed using RISC-V but closing all their microarchitecture (Kendride, for example). But RISC-V brings other things to the table. The industry is slowly realizing we need to open the RTL and share resources to make things progress faster and have better safety. RISC-V is spreading this exact message. See OpenROAD, for example.
https://nanochanqwrwtmamtnhkfwbbcducc4i62ciss4byo6f3an5qdkhjngid.onion/g/4908.html
>>10004 >they are all dead architectures
They're not targeting the desktop/workstation market, as they once did. While it may look like they're dead to us, they have just shifted focus. MIPS work stations are dead, e.g. SGI, but implementations geared toward embedded systems are still found. Here's a rundown of where you'll find them:
<MIPS
AI, automotive, consumer devices, IoT, Networking
SBCs can be found the use these, one company that comes to mind is MediaTek. Released new I7200 core IP in 2018.
https://panchul.livejournal.com/592175.html <Power/PowerPC
automotive, military, networking, supercomputing, telecommunications
IBM and NXP are the main providers.
<SPARC64
supercomputing
Fujitsu seems to be the only one interested, so yeah, that one may be about to die, but who knows?
<ARM
Cellphones, IoT, everything...
It's the hot shit at the moment
<RISC-V
Predicted to be the next hot shit because of free IP cores
It'll become pretty clear what's dead or not in the next few years.
>Intel discloses remote 'privileges escalation' vulnerability in CSME for non-vPro systems (not having AMT module). That's a precedent breaking well recognized assumptions about remote attacks on CSME
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.html
>CVE-2019-0169
>Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access.
>CVE-2019-11131
>Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Note these are "unautheticated user" and some of those are "via network access".
This is very scary. Anyone with expertise could have access to your memory content.
I don't think this is purely incompetence from developers.