CVE-2017-5689
published 2017-05-02CVE-2017-5689: An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-07-28
Exploited in the wild
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Affected
52 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hpe | proliant_ml10_gen9_server_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | active_management_technology_firmware | — | — |
| intel | manageability_engine_firmware | — | — |
| intel | manageability_engine_firmware | — | — |
| intel | small_business_technology_firmware | — | — |
| intel | small_business_technology_firmware | — | — |
| siemens | simatic_field_pg_m3_firmware | < 6.2.61.3535 | 6.2.61.3535 |
| siemens | simatic_field_pg_m4_firmware | < 18.01.06 | 18.01.06 |
| siemens | simatic_field_pg_m5_firmware | < 22.01.03 | 22.01.03 |
| siemens | simatic_ipc427e_firmware | < 21.01.05 | 21.01.05 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL
cisa9.8CRITICAL