CVE-2017-5698

3 documents3 sources

Severity

4.4MEDIUM

EPSS

0.1%

top 69.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Active Management Technology Firmware Intel Manageability Engine Firmware Intel Small Business Technology Firmware

Timeline

PublishedSep 5

Latest updateMay 13

Description

Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages3 packages

▶NVDintel/small_business_technology_firmware11.0.25.3001, 11.0.26.3000+1

▶NVDintel/active_management_technology_firmware11.0.25.3001, 11.0.26.3000+1

▶NVDintel/manageability_engine_firmware11.0.25.3001, 11.0.26.3000+1

🔴Vulnerability Details

GHSA

GHSA-2c6r-gxwp-v69j: Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11↗2022-05-13

▶

CVEList

CVE-2017-5698: Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11↗2017-09-05

▶