CVE-2017-5689 Scanner
Detects 'Privilege Escalation' vulnerability in Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability affects v. before 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
15 seconds
Time Interval
30 days
Scan only one
Domain, IPv4
Toolbox
-
Intel Active Management Technology (AMT), Intel Small Business Technology (SBT), and Intel Standard Manageability (ISM) are system management features provided by Intel. These features allow IT professionals to remotely manage and monitor devices, providing a range of functionalities such as security, remote control, and inventory management. These features are widely used in business environments to ensure that devices are fully secured and maintained, alongside reducing the company's IT management costs.
CVE-2017-5689 is a vulnerability in these manageability features, allowing unprivileged users to gain system privileges to provisioned Intel management SKUs. Specifically, an unprivileged network attacker can cause system privilege escalation on AMT and ISM. Meanwhile, an unprivileged local attacker could provision manageability features, leading to the gain of network or local system privileges on AMT, ISM, and SBT.
This vulnerability can lead to cybercriminals accessing sensitive data, destroying data, or even obtaining control over the entire network. It could also lead to unauthorized access from a third party, impacting personal or organization information, and potentially causing significant financial damage. Attackers could use the vulnerability to access the data stored on the device, infect it with malware, or use it to launch further attacks within the organization.
At s4e.io, you can quickly and easily access valuable information about vital vulnerabilities in your digital assets. Through the platform's premium features, you can obtain detailed assessments of the risks associated with your digital assets, enhance your security posture, and remain up-to-date with the latest news and emerging threats. This information is crucial, and our team is dedicated to providing it to you in a reliable, comprehensive, and convenient way. Protecting against known vulnerabilities on time will ensure that you remain secure and protected from the ever-increasing cyber threats.
REFERENCES
- https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability
- https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf
- securityfocus.com: 98269
- securitytracker.com: 1038385
- https://security.netapp.com/advisory/ntap-20170509-0001/
- https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- https://www.embedi.com/news/mythbusters-cve-2017-5689
- https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf