@Fernando This is interesting for me as well because I’m looking for a CSME 13 or CSME 14 dump for ME Analyzer development. So far I haven’t been able to find any v13 tools but I have found some v14 ones. You can try the attached FPT v14 to see if it works and can dump the firmware. Hopefully MS allows at least read access to the SPI, otherwise it won’t be possible in general.
fpt.rar (312 KB)
Thank you, not really back but I will post updates soon.
@plutomaniac
It’s good to read you again! Regularly checking the thread since october to see if you are back. You are a real VIP and this thread is a real lifesaver in the ME jungle.
And thanks @Fernando for helping out all you can in his absence.
11.8.71.3630 broke Asrock Z370 Extreme4, it would always fail post after trying to save ANY settings, and after restoring defaults, post fail loops many times before booting… complete trash. At least a regular ME flash attempt in OS with 11.8.70 downgrade worked fine…
12.0.55.1521 is more recent.
so basically the same as with my Z370M Pro4, thanks for testing.
-andy-
@plutomaniac :
Thanks for the v14 fpt file.
I tried it, but it obviously doesn’t work with an Icelake CPU system.
Here is the error message I got:
Intel MEI Drivers & Software Consumer v1941.14.0.1366
Intel MEI Drivers & Software Consumer v1939.13.0.1206
Intel MEI Drivers & Software Consumer v1946.12.0.1328
Intel MEI Drivers & Software Corporate v1937.12.0.1312
Intel MEI Driver v1931.14.0.1323 (Windows 8 & Windows 10)
Intel MEI Driver v1931.14.0.1323 (Windows 7)
Intel MEI Driver v1910.13.0.1060 (Windows 8 & Windows 10)
Intel MEI Driver v1910.13.0.1060 (Windows 7)
Intel CSME 14.0 Consumer PCH-LP A Firmware v14.0.11.1205
Intel CSME 12.0 Consumer PCH-H B,A Firmware v12.0.55.1521
Intel CSME 12.0 Corporate PCH-H B,A Firmware v12.0.55.1521
Intel CSME 12.0 Consumer PCH-LP C Firmware v12.0.49.1534
Intel CSME 12.0 Corporate PCH-LP C Firmware v12.0.49.1534
Intel CSME 11.12 Consumer PCH-H A Firmware v11.12.0.1622
Intel CSME 11.12 Corporate PCH-H A Firmware v11.12.0.1622
Intel CSME 11.8 Consumer PCH-H D,A Firmware v11.8.71.3630
Intel CSME 11.8 Corporate PCH-H D,A Firmware v11.8.71.3630
Intel CSME 11.8 Consumer PCH-LP C Firmware v11.8.71.3630
Intel CSME 11.8 Corporate PCH-LP C Firmware v11.8.70.3626
Intel PMC CMP PCH-LP A Firmware v140.1.01.1005
Intel PMC CNP PCH-H B Firmware v300.2.11.1022
Intel CSME System Tools v14 r1 - (2020-01-07)
Intel CSME System Tools v12 r20 - (2020-01-07)
Intel CSME System Tools v11 r29 - (2020-01-07)
@Fernando
Looks like we’ll have to wait for some CSME 13 tools to appear then. 
Hmm, there is something weird about the Intel CSME 12.0 Consumer PCH-H B,A Firmware v12.0.55.1521.
As usual, I compiled the image with FIT, all well, but when I try to flash I get this error :
Error 499: Update to Image with lower ARB SVN is not allowed.
But ARB SVN is supposed to be 6 for both, so … what is going on ?
Ah crap, it seems that 12.0.49.1534 (and 12.0.47 for that matter) is newer than 12.0.55.1521. Nice Intel. I might be able to fix this tomorrow, otherwise it will stay that way until the next time I’m back.
That is funny, lol. Good one, Intel.
But thank you for posting everything, really appreciated 
Yes, either a rollback or simultaneous branch in development. Alright, fixed it now. Thanks for the report Ataemonus.
Intel CSME 12.0 Consumer PCH-H B,A Firmware v12.0.49.1534
Intel CSME 12.0 Corporate PCH-H B,A Firmware v12.0.49.1534
Yes, that was what I supposed and why I asked before. Other branch, but 12.0.49 is newer than 12.0.55 …
Hmm, updating Intel CSME Consumer PCH-H D,A Firmware from 11.8.70.3626 to 11.8.71.3630 breaks the ability of the motherboard to overclock non-K processor (ASUS Z170-P + i7-6700 ES)
Intel CSME 11.8 Corporate PCH-LP C Firmware v11.8.71.3630
Intel CSME System Tools v14 r1 - (2020-01-08)
Meanwhile there are a lot of users, who flashed a variant of this new Firmware version 11.8.71.3630 despite your warning and got it properly working.
Yesterday I have spent some time trying to find out myself, whether your doubts regarding the integrity of these specific Firmware modules are still legitimate or not.
Before I started with my tests, I stumbled my chance over a new Intel tool named "Intel® CSME Detection Tool" dated 11/14/2019, which I found >here<. It seems to be able to check the vulnerability of all currently in-use Intel ME Firmware module versions and variants.
As first step I let the tool test the Intel ME Firmware vulnerability of the of the following 3 systems:
1. PC system with ASRock Z170 MB and Skylake CPU running the Intel CSME 11.8 Consumer PCH-H Firmware v11.8.70.3626
2. Xiami Air Mobile system with Kabylake CPU running the Intel CSME 11.8 Consumer PCH-LP Firmware v11.8.70.3626
3. MS Surface Pro 7 laptop with IceLake CPU running the Intel CSME 13.0 Consumer PCH-LP Firmware v13.0.0.1086
Interesting result: The in-use Intel ME Firmware of all 3 systems were detected by the tool as being vulnerable.
Here are the pictures I got by checking the ME Firmware vulnerability of the brandnew MS Surface Pro 7 (the risk rating for the other 2 systems was identical):
(left pic: tool run as command, right pic: tool run with GUI)
As next step I flashed the Intel ME Firmware v11.8.71.3630 onto my PC (the PCH-H variant) and my Xiaomi laptop (the PCH-LP variant) by using the currently latest Intel CSME System Tools v11 r29.
The update procedure went flawlessly and the thereafter done Firmware integrity check by using the Intel MEInfo and the MEManuf tool with the suffix -verbose gave me absolutely proper results.
As last step I repeated the Firmware vulnerability test by checking the systems with now updated Intel ME Firmware.
Result: The update obviously has eliminated the vulnerability risks.
Here are the pictures I got now:
a) Skylake PC system:
b) Kabylake Mobile system:
Conclusion:
For users, who have a Skylake or Kabylake system and want to minimize the Intel ME Firmware vulnerability risks, I recommend to update the v11.8 Firmware to v11.8.71.3630.
According to my test results the flashing procedure is not more risky than any other one, if you make sure, that you
a) flash the absolutely matching specific Firmware version/variant and
b) use the latest available "r" version of the Intel CSME System Tools v11.
Good luck!
You are right Fernando but there could be a problem with some mobos like Gigabyte which cannot be ignored. OEMkey or some other factor? More troubleshooting needed!
After flashing my ASUS ROG Strix Z270H(7700K CPU) to v11.8.71.3630 if I overclock the system (by activating XMP for example) the PC can no longer boot up and I have to Clear CMOS to get back into UEFI. Any help on how to rectify this would be appreciated (Help that doesn’t involve just downgrading back to 11.8.70.3626 etc). Thank you kindly.
I also checked with the Intel utility for Linux a Intel (R) Core ™ i5-7500 CPU @ 3.40GHz with Intel CSME 11.8 Consumer PCH-H Firmware v11.8.71.3630
What is strange is that in your case the utility considers version 11.8.70.3626 vulnerable and in my case NO.
I can assume that both versions 11.8.70.3626 and 11.8.71.3630 are considered safe especially since they have the same VCN -> 284 so the changes between versions are not related to security.
However, it is strange that we get different results for the same version of Intel CSME. I checked with the Intel utility immediately after upgrading to version 11.8.70.3626 but also after reading your message.
