November 16
15:00 — 16:00
Intel ME Manufacturing Mode: a phantom menace
Security through obscurity is a principle that has been criticized for some years
now, but this does not stop large electronics producers from demanding a signed
Non-Disclosure Agreement, presented as protection of intellectual property, before
issuing technical documentation. The situation is getting progressively worse as
circuit boards grow more complex and integrate more proprietary firmware. This makes
independent research into these platforms practically impossible, which is
potentially dangerous for regular users as well as for producers of said equipment.
An example of such technology is Intel Management Engine (Intel ME), along with its versions for server (Intel SPS) and mobile (Intel TXE) platforms. In our report we shall explain how, using undocumented commands, SPI flash memory could be rewritten to bring about the worst-case scenario: exploitation of the ME vulnerability (INTEL-SA-00086) on Apple MacBook (CVE-2018-4251). The root of the problem turned out to be an undocumented operating mode of Intel ME: Manufacturing Mode.