There are two ways to take advantage of this vulnerability, please note that Intel Small Business technology is not susceptible to the first problem.
Unprivileged network attackers have access to system privileges to configure the Intel manageability SKU: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).
CVSSv3 9.8 Critical / AV：N / AC：L / PR：N / UI：N / S：U / C：H / I：H / A：H
Unprivileged local attackers can provide manageability for Intel managed SKUs without privileged network or local system privileges: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) ).
CVSSv3 8.4 High/ AV：L / AC：L / PR：N / UI：N / S：U / C：H / I：H / A：H
Intel manageability firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6
The affected products and versions are as follows:
Zoom Telephonics, Inc 3252
BN-Mux BCW 710J2
Intel manageability firmware versions 11.6
How to fix
Officials provided detailed steps to circumvent this vulnerability as follows:
Determine if you have Intel AMT, Intel supports the Intel SBA or ISM-enabled systems: http://ift.tt/1UaBIC0 . If you are sure that you do not have the above system, no further action is required.
Use “test guidelines” to assess whether the system has affected the firmware: http://ift.tt/2pBMuY1 . If you have a version in the Resolved Firmware column, you do not need to take further action to protect the system from this vulnerability.
Intel strongly recommends that you check the updated firmware with the system OEM. The firmware version that resolves the problem has a four-digit built-in version number that begins with “3” (XXXX.3XXX) Ex: 220.127.116.1108.
If you can not use the OEM firmware update, mitigation measures provided in this document are as follows: http://ift.tt/2p2dNaE
To assist with the mitigation steps provided in this document, contact Intel Customer Support ( http://ift.tt/2oR8uyL ); from the technical section , Select Intel Active Management Technology (Intel AMT).