Consumer Rights Wiki - User contributions [en]

PHH Mortgage Corporation

2026-02-05T18:25:30Z

Beeldscherm: Modified a weirdly structured sentence

{{CompanyCargo
|Description=
|Founded=2008
|Industry=Finance
|Logo=PHH-Mortgage.png
|ParentCompany=
|Type=Subsidiary
|Website=https://www.phhmortgage.com/
}}
'''PHH Mortgage Corporation''' is a subsidiary of Onity Group, Inc., a privately held mortgage servicer and lender based in Florida. As of June 10, 2024, Onity Mortgage has been established as a DBA (Doing Business As) of PHH Mortgage.<ref>https://business.phhmortgage.com/BusinessPHH/media/BusinessPHH/Pdf/PHH_Onity-FAQs.pdf</ref>

[[File:OnityGroupCompanyTree PHHMortgageCorporation V1.png|alt=Tree describing company relationships under the Onity Group, highlighting PHH Mortgage Corporation in light blue|thumb|549x549px|PHH Mortgage Corporation structure according to SEC filings.<ref>{{Cite web |date=27 Nov 2024 |title=ONITY GROUP INC. 8-K |url=https://www.sec.gov/Archives/edgar/data/873860/000149315224048499/ex10-2.htm |access-date=7 Mar 2024 |website=Securities and Exchange Commission}}</ref>]]

==Consumer impact summary==
PHH Mortgage Corporation, a non-bank residential mortgage servicer, has faced multiple allegations related to improper loan servicing practices, impacting borrowers across the United States. The company has been accused of failing to properly apply borrower payments, charging unauthorized fees, and mishandling loan modification requests. In some cases, PHH provided misleading information to homeowners facing foreclosure, and in others, it failed to maintain accurate records or oversee third-party vendors involved in servicing and foreclosure processes.<ref name=":0" />

These practices have led to financial hardship for many homeowners, with some experiencing delays or miscommunications that resulted in foreclosures or loss of modification opportunities.<ref>https://www.nj.gov/oag/newsreleases18/PHH_Complaint-for-filing-v1.pdf</ref> In response to these allegations, PHH has reached settlements, including restitution for affected borrowers and commitments to adopt improved servicing standards.<ref>https://www.nj.gov/oag/newsreleases18/PHH_Consent-Judgment.pdf</ref>

==Incidents==

===$6.25 Million Consumer Fraud Act Settlement (''2011'')===
In a settlement announced by Acting Attorney General John J. Hoffman,<ref>{{Cite web |last=Hoffman |first=John |date=4 Dec 2013 |title=Acting Attorney General Announces $6.25 Million Settlement Resolving Consumer Fraud Act Allegations Against PHH Mortgage |url=https://nj.gov/oag/newsreleases13/pr20131204a.html |access-date=7 Mar 2025 |website=The State of New Jersey Office of Attorney General}},</ref> New Jersey reached a $6.25 million agreement with PHH Mortgage Corporation to resolve allegations that the company misled financially struggling homeowners seeking loan modifications or assistance to avoid foreclosure.

===$45 Million Multi-State Settlement (''2018'')===
In a multi-state settlement announced by Attorney General Christopher S. Porrino,<ref name=":0">{{Cite web |last=Porrino |first=Christopher |date=3 Jan 2018 |title=Attorney General Porrino Announces $45 Million Multi-State Settlement with PHH Mortgage Corporation |url=https://www.nj.gov/oag/newsreleases18/pr20180103b.html |access-date=7 Mar 2025}},</ref> New Jersey reached a $45 million agreement with PHH Mortgage Corporation to resolve allegations of improper mortgage loan servicing. The settlement, which includes more than 45 states and the District of Columbia, addresses claims that PHH Mortgage failed to properly service loans over a four-year period.

Between January 1, 2009, and December 31, 2012, PHH Mortgage Corporation was accused of engaging in improper mortgage servicing practices. The alleged improper mortgage servicing practices include:

*Misapplying borrower payments and maintaining inaccurate account statements.
*Charging unauthorized fees for default-related services.
*Providing conflicting and misleading information to borrowers facing foreclosure.
*Failing to respond adequately to borrower complaints and loan modification requests.
*Mishandling loss mitigation applications and documentation.
*Lacking proper loan servicing records and foreclosure documentation.
*Inadequately supervising third-party vendors involved in servicing and foreclosure.
*Submitting foreclosure documents with inaccurate or incomplete information.
*Using improperly executed affidavits in foreclosure proceedings.
*Lacking a structured process for document preparation, execution, and notarization in foreclosure cases.

===Mortgage Service Center===
Mortgage Service Center is a registered DBA of PHH Mortgage Corporation,<ref>https://mblsportal.sos.state.mn.us/Business/SearchDetails?filingGuid=b9c14d71-c21d-ea11-918b-00155d01b4fc</ref><ref>https://extranet.dfi.in.gov/ConsumerCredit/EntityDetails/2881</ref><ref>https://licensing.coag.gov/s/license-report/a1mcs000001xAl2AAE/sup4000219005</ref> and engages in direct marketing by utilizing publicly available county records, including property details such as closing dates, loan amounts, lender names, mortgagor names, and addresses, to contact new homeowners with mortgage-related offers.

By referencing details related to a homeowner's recent mortgage, Mortgage Service Center aims to establish credibility and engage potential customers.

==References==
{{reflist}}
[[Category:{{PAGENAME}}]]

User:Beeldscherm

2026-02-04T19:15:31Z

Beeldscherm: Information

likes: Linux

dislikes: AI

AMD Platform Security Processor

2026-02-04T19:08:06Z

Beeldscherm: Added to concerns and vulnerabilities sections.

{{ProductCargo
|Company=AMD
|ReleaseYear=2013
|InProduction=Yes
|ArticleType=Product
|Category=Surveillance, Security, Hardware, Computers, Firmware
|Description=An autonomous chip running closed-source code with full system access, found on most AMD platforms.
|Logo=AMD logo.svg|Website=https://www.amd.com/en.html}}

The '''[[AMD]] Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com}}</ref>

AMD has not provided much information about the PSP, but several features are know, including:<ref name=":0">{{Cite web |date=2023-04-17 |title=Reversing the AMD Secure Processor (PSP) |url=https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |url-status=live |archive-url=https://web.archive.org/web/20260112172321/https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |archive-date=2026-01-12 |access-date=2026-02-04 |website=dayzerosec.com}}</ref>

*CPU initialization
*Hardware-accelerated cryptography
*Hardware/software integrity verification ([[wikipedia:Trusted_Platform_Module|TPM]])
*Facilitating Secure Encrypted Virtualization ([https://www.amd.com/en/developer/sev.html SEV])
There is no official way of disabling the PSP. Since it has responsibilities during the boot sequence, it is likely to be impossible to remove the PSP entirely without breaking the system.<ref name=":0" /> Around 2018, some users reported seeing a BIOS option to disable the PSP. <ref>{{Cite web |last=Cimpanu |first=Catalin |date=2018-01-06 |title=Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online |url=https://www.bleepingcomputer.com/news/security/security-flaw-in-amds-secure-chip-on-chip-processor-disclosed-online/ |url-status=live |archive-url=https://web.archive.org/web/20251219104119/https://www.bleepingcomputer.com/news/security/security-flaw-in-amds-secure-chip-on-chip-processor-disclosed-online/ |archive-date=2025-12-19 |access-date=2026-02-04 |website=BleepingComputer}}</ref>

==Concerns==
AMD has denied requests to open-source the software running on the PSP.<ref>{{Cite web |last=Williams |first=Rob |date=19 Jul 2017 |title=AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code |url=https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |url-status=live |archive-url=https://web.archive.org/web/20251123014437/https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |archive-date=2025-11-23 |access-date=2026-02-04 |website=HotHardware}}</ref> This means that the inner workings of the PSP cannot be independently verified and bug-fixing can only be performed by AMD. This is an example of [[Security through obscurity|"security through obscurity"]], which has been criticized for taking away consumer rights.

Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.<ref>{{Cite web |date=15 Mar 2021 |title=Every modern computer has a backdoor |url=https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |url-status=live |access-date=2026-02-04 |website=sysjolt.com}}</ref>

==Vulnerabilities==
There have been several vulnerabilities related to AMD's PSP.
{| class="wikitable"
!Date
!Vulnerability
!CVE
|-
|2020
|Incorrect BIOS image length validation by the PSP might cause arbitrary code execution.
|[https://nvd.nist.gov/vuln/detail/CVE-2020-12944 CVE-2020-12944]
|-
|2020
|Due to a vulnerability in the PSP, an attacker can modify registers and possibly bypass ROM protections.
|[https://nvd.nist.gov/vuln/detail/CVE-2020-12961 CVE-2020-12961]
|-
|2021
|Insufficient verification of image decrypted by PSP may lead to arbitrary code execution.
|[https://nvd.nist.gov/vuln/detail/CVE-2021-26315 CVE-2021-26315]
|-
|2021
|Using the PSP, low-privilege users are able to send driver requests, allowing data leakage.
|[https://nvd.nist.gov/vuln/detail/CVE-2021-26333 CVE-2021-26333]
|-
|2021
|Insufficient address validation in PSP firmware may lead to arbitrary code execution.
|[https://nvd.nist.gov/vuln/detail/CVE-2021-46771 CVE-2021-46771]
|}

==See also==

*[[AMD]]
*[[Intel Management Engine]]

==References==
{{reflist}}

[[Category:{{PAGENAME}}]]
[[Category:AMD]]

AMD Platform Security Processor

2026-02-04T18:31:51Z

Beeldscherm: Added information and concerns.

AMD Platform Security Processor

2026-02-04T17:46:27Z

Beeldscherm: Created page for AMD PSP

Intel Management Engine

2026-02-04T16:24:41Z

Beeldscherm: Added and modified some sources

{{Incomplete section}}{{StubNotice}}{{ProductCargo
|Company=Intel
|ProductLine=Intel Management Engine
|ReleaseYear=2008
|InProduction=Yes
|ArticleType=Service
|Category=Surveillance, Security, Computers, Articles in Need of Additional Work
|Website=https://www.intel.com/content/www/us/en/homepage.html
|Description=An autonomous embedded microcontroller present on Intel chipsets with root system access.
|Logo=Intel logo.svg}}

The '''Intel Management Engine (ME)''' is an embedded microcontroller integrated into Intel's chipsets since 2008. From version 11 onwards, it runs a (closed-source) modified version of [https://www.minix3.org/ MINIX] as its operating system.<ref name=":4">{{Cite web |date=2023-09-26 |title=What is Intel® Management Engine? |url=https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref><ref name=":5">{{Cite web |last=Ermolov |first=Mark |last2=Goryachy |first2=Maxim |date=28 Aug 2017 |title=Disabling Intel ME 11 via undocumented mode |url=https://web.archive.org/web/20201201175708/http://blog.ptsecurity.com/2017/08/disabling-intel-me.html?m=1 |url-status=dead |access-date=2026-02-04 |website=Positive Technologies}}</ref><ref>{{Cite web |last=Tanenbaum |first=Andrew S. |title=An Open Letter to Intel |url=https://www.cs.vu.nl/~ast/intel/ |url-status=live |access-date=2026-02-04 |website=www.cs.vu.nl}}</ref>.

The ME is able to access the LAN adapter, giving it access to networks the system is connected to, both wired and wireless.<ref name=":6">{{Cite web |date=2021-02-18 |title=Getting Started with Intel® Active Management Technology |url=https://www.intel.com/content/www/us/en/developer/articles/guide/getting-started-with-active-management-technology.html |access-date=2026-02-04 |publisher=Intel}}</ref>

The power state of the ME is independent from the rest of the system, allowing it to run while the system is turned off, assuming that the system is still receiving power.<ref name=":4" />

Additionally, Intel ME also contains several measures to check if it's been tampered with. These include being inaccessible to the machine BIOS or OS, scanning the entire machine every 30 minutes to verify if signature is signed (otherwise shutting down the system)<sup>[source?]</sup>, and making it exceptionally difficult to reverse engineer.
==Intel AMT==
One of the services utilizing the capabilities of the Intel ME is '''Intel Active Management (AMT)'''. It is part of a set of technologies marketed as Intel vPro. Intel AMT is built into most modern Intel CPUs, including but not limited to the Intel Core i5, Intel Core i7, Intel Core M, and Intel Xeon series. The AMT has full access to the system and can bypass system firewalls.<ref name=":6" /><ref>{{Cite web |date=2021-01-05 |title=Intel® Active Management Technology Developers Guide |url=https://www.intel.com/content/www/us/en/docs/active-management-technology/developer-guide/2021/overview.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref> By default, AMT is enabled, on supported chips. AMT support is listed under the "Security & Reliability" section on the intel product website ([https://www.intel.com/content/www/us/en/products/sku/230496/intel-core-i913900k-processor-36m-cache-up-to-5-80-ghz/specifications.html example]).
[[File:Intel ME boot sequence.png|alt=Intel ME Boot Sequence for Laptops/Computers |thumb|Booting Process]]
AMT allows remote management of the system by using the ME's network access, exposing 2 ports through which commands can be issued. Some of the many features of the AMT are:<ref name=":6" />

*Access to hardware information

*Remote power control
*[https://software.intel.com/sites/manageability/HLAPI_Documentation/default.htm?turl=Documents%2Fbootcontrol.htm Boot control]
*Wake-on-LAN/Wake on wireless LAN
*Remote Schedule Maintenance (outside firewall)
*KVM (keyboard, video, mouse) remote control
*Updating firmware

==Security==
Intel ME follows security by obscurity, a concept that if people are unable to view the code, then it makes it more secure, however it's known to be ineffective and posing a huge security risks. Leaves many of these vulnerabilities unpatchable.
{| class="wikitable"
|+
|Date
|Description
|CVE
|-
|2009
|A "Ring -3 Rootkit" for the Q35 chipset was demonstrated by Invisible Things Lab, allowing an attacker to execute code, even when Intel AMT was disabled in the BIOS.<ref>{{Cite web |last=Tereshkin |first=Alexander |last2=Wojtczuk |first2=Rafal |date=29 Jul 2009 |title=Introducing Ring -3 Rootkits |url=https://blackhat.com/presentations/bh-usa-09/TERESHKIN/BHUSA09-Tereshkin-Ring3Rootkit-SLIDES.pdf |url-status=live |archive-url=https://web.archive.org/web/20251205092502/http://www.blackhat.com/presentations/bh-usa-09/TERESHKIN/BHUSA09-Tereshkin-Ring3Rootkit-SLIDES.pdf |archive-date=2025-12-05 |access-date=2026-02-04 |publisher=Blackhat}}</ref> The bug was subsequently patched by Intel.<ref>{{Cite web |date=2008-08-26 |title=Intel patches the Q35 bug |url=https://theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html |url-status=live |access-date=2026-02-03 |website=The Invisible Things Lab's blog}}</ref>
|'''No CVE'''
|-
|2010
|An individual by the name of Vassilios Vereris discovered an bypass that allow attackers to remotely enable Intel AMT.<ref name=":0">{{Cite web |date=2026-02-03 |title=Disabling Intel ME in Firmware |url=https://ecrsecurity.com/files/DisableIntelME.pdf |url-status=live |access-date=2026-02-03 |website=ecrsecurity}}</ref><ref>{{Cite web |last=Ververis |first=Vassilios |year=2010 |title=Security Evaluation of Intel's Active Management Technology |url=https://ia801400.us.archive.org/35/items/100402-vassilios-ververis-with-cover/100402-Vassilios_Ververis-with-cover.pdf |website=archive.org}}</ref>
|'''No CVE'''
|-
|2017
|Discovered by Maksim Malyutin from Embedi, a bug in Intel AMT allows a hacker to gain admin privileges from a remote location.<ref name=":0" /> Reportedly, Intel was aware of this more than 5 years prior to the report SemiAccurate gave to Intel, however it was dismissed for unknown reasons.<ref>{{Cite web |last=Demerjian |first=Charlie |date=2017-05-01 |title=Remote security exploit in all 2008+ Intel platforms |url=https://www.semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ |url-status=live |access-date=2026-02-03 |website=SemiAccurate}}</ref><ref>{{Cite web |last=Armasu |first=Lucian |date=2017-05-02 |title=Intel AMT Vulnerability Shows Intel’s Management Engine Can Be Dangerous |url=https://www.tomshardware.com/news/intel-amt-vulnerability-me-dangerous,34300.html |url-status=live |access-date=2026-02-03 |website=Tom's Hardware}}</ref><ref>{{Cite web |date=2025-01-11 |title=The Vulnerability Uncovered |url=https://umatechnology.org/intel-amt-vulnerability-business-laptops-can-be-exploited-in-mere-seconds/ |url-status=live |access-date=2026-02-03 |website=UMA Technology}}</ref>
|CVE-2017-5689.<ref>{{Cite web |date=2017-05-02 |title=CVE-2017-5689 Detail |url=https://nvd.nist.gov/vuln/detail/cve-2017-5689 |url-status=live |access-date=2026-02-03 |website=Nist}}</ref>
|-
|2018
|Researchers at F-Secure discovered an exploit regarding Intel AMT that allows a hacker with physical access to the machine to bypass the user, BIOS, Bitlocker, and TPM passwords in a matter of 30 seconds. This bug is more severe against corporate laptops.<ref name=":3">{{Cite web |last=Waldman |first=Arielle |date=2020-09-09 |title=Intel patches critical flaw in Active Management Technology |url=https://www.techtarget.com/searchsecurity/news/252488831/Intel-patches-critical-flaw-in-Active-Management-Technology |url-status=live |access-date=2026-02-03 |website=TechTarget}}</ref><ref>{{Cite web |last=Ashford |first=Warwick |date=2018-01-18 |title=F-Secure highlights another critical Intel security issue |url=https://www.computerweekly.com/news/450433078/F-secure-highlights-another-critical-Intel-security-issue |url-status=live |access-date=2026-02-03 |website=TechTarget}}</ref><ref>{{Cite web |last=Subramaniam |first=Vaidyanathan |date=2018-01-14 |title=Gone in 30 seconds: New Intel AMT exploit is scarier than you can ever fathom |url=https://www.notebookcheck.net/Gone-in-30-seconds-New-Intel-AMT-exploit-is-scarier-than-you-can-ever-fathom.278216.0.html |url-status=live |access-date=2026-02-03 |website=Notebook Check}}</ref><ref>{{Cite web |last=Armasu |first=Lucian |date=2018-01-12 |title=Intel AMT Allows BitLocker Bypass In Under A Minute |url=https://www.tomshardware.com/news/intel-amt-bitlocker-bios-bypass,36321.html |url-status=live |access-date=2026-02-03 |website=Tom's Hardware}}</ref>
|'''No CVE'''
|-
|2020
|Several vulnerabilities were found in Intel AMT, allowing hackers to add a root kit.<ref name=":3" /><ref>{{Cite web |last=Larabe |first=Michael |date=2020-09-08 |title=Intel AMT Hit By Another "Critical" Security Vulnerability |url=https://www.semiaccurate.com/2016/01/20/intel-puts-out-secure-cpus-based-on-insecurity/ |url-status=live |access-date=2026-02-03 |website=phoronix}}</ref>
|CVE 2020-0535<ref>{{Cite web |first=National Vulnerability Database |date=2020-06-15 |title=CVE-2020-0535 Detail |url=https://nvd.nist.gov/vuln/detail/CVE-2020-0535 |url-status=live |access-date=2026-02-03 |website=nist.gov}}</ref><ref>{{Cite web |first=National Vulnerability Database |date=2020-06-15 |title=CVE-2020-0531 |url=https://nvd.nist.gov/vuln/detail/CVE-2020-0531 |url-status=live |access-date=2026-02-03 |website=Nist}}</ref><ref>{{Cite web |first=Intel |date=2020-11-10 |title=2020.2 IPU – Intel® CSME, SPS, TXE, AMT and DAL Advisory |url=https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391.html |url-status=live |access-date=2026-02-03 |website=Intel}}</ref>
|}

==Hidden Deals==
Around 2017, an undocumented flag was discovered that, when set, disables a large portion of the ME. This feature appears to have been requested by the NSA.<ref name=":5" /><ref>{{Cite web |last=Claburn |first=Thomas |date=29 Aug 2017 |title=Intel ME controller chip has secret kill switch |url=https://www.theregister.com/2017/08/29/intel_management_engine_can_be_disabled/ |url-status=live |access-date=2026-02-04 |website=The Register}}</ref>

==Tools and Tips==

There is no official method to disable the ME, however there have been tools and tips developed to allow (partially) disabling the ME.<ref name=":0" /><ref name=":1">{{Cite web |title=Intel’s Management Engine |url=https://puri.sm/learn/intel-me/ |url-status=live |access-date=2026-02-04 |publisher=Purism}}</ref>

*[https://github.com/corna/me_cleaner ME Cleaner Tool]
*Using an CPU or Computer made before 2008
*Buying Computers with Intel ME disabled like [https://puri.sm/ Purism]<ref name=":1" /> and [https://system76.com/ System76]

==See also==

*[[Intel]]
*[[Intel CPUs stability issue]]

==References==
<references />
[[Category:{{PAGENAME}}]]

Intel Management Engine

2026-02-04T15:46:46Z

Beeldscherm: Some additional information on AMT and the 2009 vulnerability, also fixed small mistakes

{{Incomplete section}}{{StubNotice}}{{ProductCargo
|Company=Intel
|ProductLine=Intel Management Engine
|ReleaseYear=2008
|InProduction=Yes
|ArticleType=Service
|Category=Surveillance, Security, Computers, Articles in Need of Additional Work
|Website=https://www.intel.com/content/www/us/en/homepage.html
|Description=An autonomous embedded microcontroller present on Intel chipsets with root system access.
|Logo=Intel logo.svg}}

The '''Intel Management Engine (ME)''' is an embedded microcontroller integrated into Intel's chipsets since 2008. From version 11 onwards, it runs a (closed-source) modified version of [https://www.minix3.org/ MINIX] as its operating system.<ref name=":4">{{Cite web |date=2023-09-26 |title=What is Intel® Management Engine? |url=https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref><ref name=":5">{{Cite web |last=Ermolov |first=Mark |last2=Goryachy |first2=Maxim |date=28 Aug 2017 |title=Disabling Intel ME 11 via undocumented mode |url=https://web.archive.org/web/20201201175708/http://blog.ptsecurity.com/2017/08/disabling-intel-me.html?m=1 |url-status=dead |access-date=2026-02-04 |website=Positive Technologies}}</ref>.

The ME is able to access the LAN adapter, giving it access to networks the system is connected to, both wired and wireless.<ref name=":6">{{Cite web |date=2021-02-18 |title=Getting Started with Intel® Active Management Technology |url=https://www.intel.com/content/www/us/en/developer/articles/guide/getting-started-with-active-management-technology.html |access-date=2026-02-04 |publisher=Intel}}</ref>

The power state of the ME is independent from the rest of the system, allowing it to run while the system is turned off, assuming that the system is still receiving power.<ref name=":4" />

Additionally, Intel ME also contains several measures to check if it's been tampered with. These include being inaccessible to the machine BIOS or OS, scanning the entire machine every 30 minutes to verify if signature is signed (otherwise shutting down the system)<sup>[source?]</sup>, and making it exceptionally difficult to reverse engineer.
==Intel AMT==
One of the services utilizing the capabilities of the Intel ME is '''Intel Active Management (AMT)'''. It is part of a set of technologies marketed as Intel vPro. Intel AMT is built into most modern Intel CPUs, including but not limited to the Intel Core i5, Intel Core i7, Intel Core M, and Intel Xeon series. The AMT has full access to the system and can bypass system firewalls.<ref name=":6" /><ref>{{Cite web |date=2021-01-05 |title=Intel® Active Management Technology Developers Guide |url=https://www.intel.com/content/www/us/en/docs/active-management-technology/developer-guide/2021/overview.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref> By default, AMT is enabled, on supported chips. AMT support is listed under the "Security & Reliability" section on the intel product website ([https://www.intel.com/content/www/us/en/products/sku/230496/intel-core-i913900k-processor-36m-cache-up-to-5-80-ghz/specifications.html example]).
[[File:Intel ME boot sequence.png|alt=Intel ME Boot Sequence for Laptops/Computers |thumb|Booting Process]]
AMT allows remote management of the system by using the ME's network access, exposing 2 ports through which commands can be issued. Some of the many features of the AMT are:<ref name=":6" />

*Access to hardware information

*Remote power control
*[https://software.intel.com/sites/manageability/HLAPI_Documentation/default.htm?turl=Documents%2Fbootcontrol.htm Boot control]
*Wake-on-LAN/Wake on wireless LAN
*Remote Schedule Maintenance (outside firewall)
*KVM (keyboard, video, mouse) remote control
*Updating firmware

==Security==
Intel ME follows security by obscurity, a concept that if people are unable to view the code, then it makes it more secure, however it's known to be ineffective and posing a huge security risks. Leaves many of these vulnerabilities unpatchable.
{| class="wikitable"
|+
|Date
|Description
|CVE
|-
|2009
|A "Ring -3 Rootkit" for the Q35 chipset was demonstrated by Invisible Things Lab, allowing an attacker to execute code, even when Intel AMT was disabled in the BIOS.<ref>{{Cite web |last=Tereshkin |first=Alexander |last2=Wojtczuk |first2=Rafal |date=29 Jul 2009 |title=Introducing Ring -3 Rootkits |url=https://blackhat.com/presentations/bh-usa-09/TERESHKIN/BHUSA09-Tereshkin-Ring3Rootkit-SLIDES.pdf |url-status=live |archive-url=https://web.archive.org/web/20251205092502/http://www.blackhat.com/presentations/bh-usa-09/TERESHKIN/BHUSA09-Tereshkin-Ring3Rootkit-SLIDES.pdf |archive-date=2025-12-05 |access-date=2026-02-04 |publisher=Blackhat}}</ref> The bug was subsequently patched by Intel.<ref>{{Cite web |date=2008-08-26 |title=Intel patches the Q35 bug |url=https://theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html |url-status=live |access-date=2026-02-03 |website=The Invisible Things Lab's blog}}</ref> <ref name=":0">{{Cite web |first=402 Payment Required |date=2023-06-29 |title=Intel Management Engine |url=https://www.youtube.com/watch?v=lQ8k79yNH2A |url-status=live |access-date=2026-02-03 |website=Youtube}}</ref><ref name=":2">{{Cite web |last=Robin |first=Thibaud |date=2025-03-02 |title=The Mysterious Story of a Troubling Intel Chip |url=https://blog.trackflaw.com/en/the-mysterious-story-of-a-disturbing-intel-flea/ |url-status=live |access-date=2026-02-03 |website=TrackFlaw}}</ref>
|'''No CVE'''
|-
|2010
|An individual by the name of Vassilios Vereris discovered an bypass that allow attackers to remotely enable Intel AMT.<ref>{{Cite web |date=2026-02-03 |title=Disabling Intel ME in Firmware |url=https://ecrsecurity.com/files/DisableIntelME.pdf |url-status=live |access-date=2026-02-03 |website=ecrsecurity}}</ref><ref>{{Cite web |last=Ververis |first=Vassilios |year=2010 |title=Security Evaluation of Intel's Active Management Technology |url=https://ia801400.us.archive.org/35/items/100402-vassilios-ververis-with-cover/100402-Vassilios_Ververis-with-cover.pdf |website=archive.org}}</ref> <ref name=":0" /><ref name=":2" />
|'''No CVE'''
|-
|2017
|Discovered by Maksim Malyutin from Embedi, a bug in Intel AMT allows a hacker to gain admin privileges from a remote location.<ref name=":0" /> Reportedly, Intel was aware of this more than 5 years prior to the report SemiAccurate gave to Intel, however it was dismissed for unknown reasons.<ref>{{Cite web |last=Demerjian |first=Charlie |date=2017-05-01 |title=Remote security exploit in all 2008+ Intel platforms |url=https://www.semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ |url-status=live |access-date=2026-02-03 |website=SemiAccurate}}</ref> <ref>{{Cite web |last=Armasu |first=Lucian |date=2017-05-02 |title=Intel AMT Vulnerability Shows Intel’s Management Engine Can Be Dangerous |url=https://www.tomshardware.com/news/intel-amt-vulnerability-me-dangerous,34300.html |url-status=live |access-date=2026-02-03 |website=Tom's Hardware}}</ref><ref>{{Cite web |date=2025-01-11 |title=The Vulnerability Uncovered |url=https://umatechnology.org/intel-amt-vulnerability-business-laptops-can-be-exploited-in-mere-seconds/ |url-status=live |access-date=2026-02-03 |website=UMA Technology}}</ref><ref name=":0" />
|CVE-2017-5689.<ref>{{Cite web |date=2017-05-02 |title=CVE-2017-5689 Detail |url=https://nvd.nist.gov/vuln/detail/cve-2017-5689 |url-status=live |access-date=2026-02-03 |website=Nist}}</ref>
|-
|2018
|Researchers at F-Secure discovered an exploit regarding Intel AMT that allows a hacker with physical access to the machine to bypass the user, BIOS, Bitlocker, and TPM passwords in a matter of 30 seconds. This bug is more severe against corporate laptops. <ref name=":3">{{Cite web |last=Waldman |first=Arielle |date=2020-09-09 |title=Intel patches critical flaw in Active Management Technology |url=https://www.techtarget.com/searchsecurity/news/252488831/Intel-patches-critical-flaw-in-Active-Management-Technology |url-status=live |access-date=2026-02-03 |website=TechTarget}}</ref><ref>{{Cite web |last=Ashford |first=Warwick |date=2018-01-18 |title=F-Secure highlights another critical Intel security issue |url=https://www.computerweekly.com/news/450433078/F-secure-highlights-another-critical-Intel-security-issue |url-status=live |access-date=2026-02-03 |website=TechTarget}}</ref><ref>{{Cite web |last=Subramaniam |first=Vaidyanathan |date=2018-01-14 |title=Gone in 30 seconds: New Intel AMT exploit is scarier than you can ever fathom |url=https://www.notebookcheck.net/Gone-in-30-seconds-New-Intel-AMT-exploit-is-scarier-than-you-can-ever-fathom.278216.0.html |url-status=live |access-date=2026-02-03 |website=Notebook Check}}</ref><ref>{{Cite web |last=Armasu |first=Lucian |date=2018-01-12 |title=Intel AMT Allows BitLocker Bypass In Under A Minute |url=https://www.tomshardware.com/news/intel-amt-bitlocker-bios-bypass,36321.html |url-status=live |access-date=2026-02-03 |website=Tom's Hardware}}</ref>
|'''No CVE'''
|-
|2020
|Several vulnerabilities were found in Intel AMT, allowing hackers to add a root kit.<ref name=":3" /><ref>{{Cite web |last=Larabe |first=Michael |date=2020-09-08 |title=Intel AMT Hit By Another "Critical" Security Vulnerability |url=https://www.semiaccurate.com/2016/01/20/intel-puts-out-secure-cpus-based-on-insecurity/ |url-status=live |access-date=2026-02-03 |website=phoronix}}</ref>
|CVE 2020-0535<ref>{{Cite web |first=National Vulnerability Database |date=2020-06-15 |title=CVE-2020-0535 Detail |url=https://nvd.nist.gov/vuln/detail/CVE-2020-0535 |url-status=live |access-date=2026-02-03 |website=nist.gov}}</ref><ref>{{Cite web |first=National Vulnerability Database |date=2020-06-15 |title=CVE-2020-0531 |url=https://nvd.nist.gov/vuln/detail/CVE-2020-0531 |url-status=live |access-date=2026-02-03 |website=Nist}}</ref><ref>{{Cite web |first=Intel |date=2020-11-10 |title=2020.2 IPU – Intel® CSME, SPS, TXE, AMT and DAL Advisory |url=https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391.html |url-status=live |access-date=2026-02-03 |website=Intel}}</ref>
|}

==Hidden Deals==
Around 2017, an undocumented flag was discovered that, when set, disables a large portion of the ME. This feature appears to have been requested by the NSA.<ref name=":5" /><ref>{{Cite web |last=Claburn |first=Thomas |date=29 Aug 2017 |title=Intel ME controller chip has secret kill switch |url=https://www.theregister.com/2017/08/29/intel_management_engine_can_be_disabled/ |url-status=live |access-date=2026-02-04 |website=The Register}}</ref>

==Tools and Tips==

There is no official method to disable the ME, however there have been tools and tips developed to allow (partially) disabling the ME.<ref name=":1">{{Cite web |title=Intel’s Management Engine |url=https://puri.sm/learn/intel-me/ |url-status=live |access-date=2026-02-04 |publisher=Purism}}</ref>

*[https://github.com/corna/me_cleaner ME Cleaner Tool]
*Using an CPU or Computer made before 2008
*Buying Computers with Intel ME disabled like [https://puri.sm/ Purism]<ref name=":1" /> and [https://system76.com/ System76]

==See also==

*[[Intel]]
*[[Intel CPUs stability issue]]

==References==
<references />
[[Category:{{PAGENAME}}]]