Dan Horovitz

**Name of the Vulnerable Software and Affected Versions** Intel(R) AMT SDK versions prior to 16.0.3 Intel(R) SCS versions prior to 12.2 Intel(R) MEBx versions prior to 11.0.0.0012, 12.0.0.0011, 14.0.0.0004, and 15.0.0.0004 **Description** The issue is related to insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK, Intel(R) SCS, and Intel(R) MEBx. This may allow an unauthenticated user to potentially enable information disclosure via physical access. **Recommendations** For Intel(R) AMT SDK versions prior to 16.0.3, update to version 16.0.3 or later. For Intel(R) SCS versions prior to 12.2, update to version 12.2 or later. For Intel(R) MEBx versions prior to 11.0.0.0012, 12.0.0.0011, 14.0.0.0004, and 15.0.0.0004, update to a version that includes the necessary security fixes. As a temporary workaround, consider restricting physical access to the affected systems until a patch is available.