We highlight the base principles and actual state of Management Engine (which is a part of UEFI BIOS firmware) and its attack vectors using reverse engineering techniques. Described breaches in UEFI and Intel Management Engine could possibly lead to the invention of “invulnerable” malicious applications. We describe the hidden Intel Management Engine implementation details and possible consequences of its security possible discredit. We describe principles and implementation details of UEFI BIOS attacks and vulnerabilities, suggesting the possible security enhancement approaches. Saint Petersburg National Research University of Information Technologies, Mechanics and Optics UEFI BIOS and Intel Management Engine Attack Vectors and VulnerabilitiesĪlexander Ogolyuk, Andrey Sheglov, Konstantin Sheglov
