Intel has patched a very serious firmware vulnerability, CVE-2018-3655, which could potentially leak encryption keys stored inside its Management Engine. The ME is a crucial microchip with code that brokers communications between a processor and external devices. Russian researchers found that he could extract two types of non-Intel encryption keys within a type of file system contained in the ME. Intel says an attacker may be able to access the Management Engine BIOS Extension password, also possible is tampering within file systems within the ME, Server Platform Services or the Trusted Execution Environment.”]
Source: https://www.cuinfosecurity.com/intel-patches-firmware-flaw-that-leaks-me-encryption-keys-a-11513