S4E

CVE-2017-5689 Scanner

Detects 'Privilege Escalation' vulnerability in Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability affects v. before 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264.

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 seconds

Time Interval

30 days

Scan only one

Domain, IPv4

Toolbox

-

Intel Active Management Technology (AMT), Intel Small Business Technology (SBT), and Intel Standard Manageability (ISM) are system management features provided by Intel. These features allow IT professionals to remotely manage and monitor devices, providing a range of functionalities such as security, remote control, and inventory management. These features are widely used in business environments to ensure that devices are fully secured and maintained, alongside reducing the company's IT management costs.

CVE-2017-5689 is a vulnerability in these manageability features, allowing unprivileged users to gain system privileges to provisioned Intel management SKUs. Specifically, an unprivileged network attacker can cause system privilege escalation on AMT and ISM. Meanwhile, an unprivileged local attacker could provision manageability features, leading to the gain of network or local system privileges on AMT, ISM, and SBT.

This vulnerability can lead to cybercriminals accessing sensitive data, destroying data, or even obtaining control over the entire network. It could also lead to unauthorized access from a third party, impacting personal or organization information, and potentially causing significant financial damage. Attackers could use the vulnerability to access the data stored on the device, infect it with malware, or use it to launch further attacks within the organization.

At s4e.io, you can quickly and easily access valuable information about vital vulnerabilities in your digital assets. Through the platform's premium features, you can obtain detailed assessments of the risks associated with your digital assets, enhance your security posture, and remain up-to-date with the latest news and emerging threats. This information is crucial, and our team is dedicated to providing it to you in a reliable, comprehensive, and convenient way. Protecting against known vulnerabilities on time will ensure that you remain secure and protected from the ever-increasing cyber threats.

 

REFERENCES

Get started to protecting your Free Full Security Scan