CVE-2017-5712

CWE-119 — Buffer Overflow4 documents4 sources

Severity

7.2HIGH

EPSS

2.5%

top 14.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Simatic Field PG M3 Firmware Siemens Simatic Field PG M4 Firmware Siemens Simatic Field PG M5 Firmware +20 more

Timeline

PublishedNov 21

Latest updateMay 14

Description

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages23 packages

▶NVDintel/manageability_engine_firmware8.0.0.0 — 8.1.71.3608+8

▶CVEListV5intel_corporation/active_management_technology8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20

▶NVDsiemens/simatic_ipc427e_firmware< 21.01.07

▶NVDsiemens/simatic_ipc477e_firmware< 21.01.07

▶NVDsiemens/simatic_ipc547d_firmware< 7.1.91.3272

🔴Vulnerability Details

GHSA

GHSA-v479-mpcg-qvhx: Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8↗2022-05-14

▶

OSV

php5 vulnerabilities↗2018-02-12

▶

CVEList

CVE-2017-5712: Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8↗2017-11-21

▶