cvelistv5 - cve-2017-5689

CVE-2017-5689 (GCVE-0-2017-5689)

Vulnerability from cvelistv5

Published

2017-05-02 14:00

Modified

2025-10-21 23:55

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Escalation of Privilege

Summary

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

References

URL

Tags

	https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability	x_refsource_MISC
	https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98269	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1038385	vdb-entry, x_refsource_SECTRACK
	https://security.netapp.com/advisory/ntap-20170509-0001/	x_refsource_CONFIRM
	https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf	x_refsource_MISC
	https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr	x_refsource_CONFIRM
	https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	x_refsource_CONFIRM
	https://www.embedi.com/news/mythbusters-cve-2017-5689	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability	Version: fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-01-28

Due date: 2022-07-28

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2017-5689

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf"
          },
          {
            "name": "98269",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98269"
          },
          {
            "name": "1038385",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038385"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20170509-0001/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.embedi.com/news/mythbusters-cve-2017-5689"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-5689",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T13:43:44.728208Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-01-28",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5689"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:41.384Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5689"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-01-28T00:00:00.000Z",
            "value": "CVE-2017-5689 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later"
            }
          ]
        }
      ],
      "datePublic": "2017-05-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-10T14:06:25.000Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf"
        },
        {
          "name": "98269",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98269"
        },
        {
          "name": "1038385",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038385"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20170509-0001/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.embedi.com/news/mythbusters-cve-2017-5689"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-5689",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability",
              "refsource": "MISC",
              "url": "https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability"
            },
            {
              "name": "https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf",
              "refsource": "CONFIRM",
              "url": "https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf"
            },
            {
              "name": "98269",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98269"
            },
            {
              "name": "1038385",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038385"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20170509-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20170509-0001/"
            },
            {
              "name": "https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf",
              "refsource": "MISC",
              "url": "https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf"
            },
            {
              "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr",
              "refsource": "CONFIRM",
              "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr"
            },
            {
              "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "https://www.embedi.com/news/mythbusters-cve-2017-5689",
              "refsource": "MISC",
              "url": "https://www.embedi.com/news/mythbusters-cve-2017-5689"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5689",
    "datePublished": "2017-05-02T14:00:00.000Z",
    "dateReserved": "2017-02-01T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:41.384Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2017-5689",
      "dateAdded": "2022-01-28",
      "dueDate": "2022-07-28",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2017-5689",
      "product": "Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Intel products contain a vulnerability which can allow attackers to perform privilege escalation.",
      "vendorProject": "Intel",
      "vulnerabilityName": "Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/98269\", \"name\": \"98269\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1038385\", \"name\": \"1038385\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170509-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.embedi.com/news/mythbusters-cve-2017-5689\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T15:11:48.401Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-5689\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T13:43:44.728208Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-01-28\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5689\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-01-28T00:00:00.000Z\", \"value\": \"CVE-2017-5689 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5689\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T13:43:26.535Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Intel Corporation\", \"product\": \"Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability\", \"versions\": [{\"status\": \"affected\", \"version\": \"fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later\"}]}], \"datePublic\": \"2017-05-01T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/98269\", \"name\": \"98269\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.securitytracker.com/id/1038385\", \"name\": \"1038385\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170509-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.embedi.com/news/mythbusters-cve-2017-5689\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Escalation of Privilege\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2020-02-10T14:06:25.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later\"}]}, \"product_name\": \"Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability\"}]}, \"vendor_name\": \"Intel Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability\", \"name\": \"https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability\", \"refsource\": \"MISC\"}, {\"url\": \"https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf\", \"name\": \"https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/98269\", \"name\": \"98269\", \"refsource\": \"BID\"}, {\"url\": \"http://www.securitytracker.com/id/1038385\", \"name\": \"1038385\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170509-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20170509-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf\", \"name\": \"https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf\", \"refsource\": \"MISC\"}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr\", \"name\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us\", \"name\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03754en_us\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.embedi.com/news/mythbusters-cve-2017-5689\", \"name\": \"https://www.embedi.com/news/mythbusters-cve-2017-5689\", \"refsource\": \"MISC\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Escalation of Privilege\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-5689\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@intel.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2017-5689\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:41.384Z\", \"dateReserved\": \"2017-02-01T00:00:00.000Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2017-05-02T14:00:00.000Z\", \"assignerShortName\": \"intel\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2017-AVI-197

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans SCADA les produits Siemens. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC Industrial PCs
Siemens	N/A	ViewPort for Web Office Portal toutes versions antérieures à la révision 1453
Siemens	N/A	SINUMERIK Panel Control Unit
Siemens	N/A	SIMOTION P320

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-545214 du 29 juin 2017	None	vendor-advisory
Bulletin de sécurité Siemens SSA-874235 du 29 juin 2017	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC Industrial PCs",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "ViewPort for Web Office Portal toutes versions ant\u00e9rieures \u00e0 la r\u00e9vision 1453",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK Panel Control Unit",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOTION P320",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-6869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-6869"
    },
    {
      "name": "CVE-2017-5689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5689"
    }
  ],
  "initial_release_date": "2017-07-03T00:00:00",
  "last_revision_date": "2017-07-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2017-AVI-197",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-07-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eSCADA les produits Siemens\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et\nune \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-545214 du 29 juin 2017",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-545214.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-874235 du 29 juin 2017",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-874235.pdf"
    }
  ]
}

CERTFR-2017-AVI-136

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans les micrologiciels Intel. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une élévation de privilèges.

La vulnérabilité impacte le composant Advanced Management Technology (AMT) des micro-logiciels Intel vulnérables. AMT est une technologie Intel permettant d'administrer (surveiller la disponibilité, mettre à jour, redémarrer, etc.) des systèmes à distance via un canal de communication séparé du système d'exploitation. Les produits ISM (Intel Standard Manageability) et SBT (Small Business Technology) permettent d'accéder à un sous ensemble des fonctionnalités AMT.

Les produits AMT et ISM exposent la fonctionnalité vulnérable sur le réseau et permettraient à un attaquant la prise de contrôle à distance d'un système sans authentification au préalable.

D'autre part, un attaquant ayant un accès local au système vulnérable pourrait élever ses privilèges en exploitant cette vulnérabilité.

Intel a mis à disposition un guide permettant d'identifier si un système est vulnérable [1] ainsi qu'une procédure proposant des contre-mesures lorsque la mise à jour n'est pas disponible pour le composant impacté [2].

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 10.x antérieures à 10.0.55.3000
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 9.5.x antérieures à 9.5.61.3012
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 6.x antérieures à 6.2.61.3535
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 8.x antérieures à 8.1.71.3608
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 7.x antérieures à 7.1.91.3272
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 11.5.x et 11.6.x antérieures à 11.6.27.3264
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 9.0.x et 9.1.x antérieures à 9.1.41.3024
Intel	N/A	Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 11.0.x antérieures à 11.0.25.3001

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-00075 du 01 mai 2017	None	vendor-advisory
1 Guide Intel	-	other
2 Contre-mesures Intel	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 10.x ant\u00e9rieures \u00e0 10.0.55.3000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 9.5.x ant\u00e9rieures \u00e0 9.5.61.3012",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 6.x ant\u00e9rieures \u00e0 6.2.61.3535",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 8.x ant\u00e9rieures \u00e0 8.1.71.3608",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 7.x ant\u00e9rieures \u00e0 7.1.91.3272",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 11.5.x et 11.6.x ant\u00e9rieures \u00e0 11.6.27.3264",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 9.0.x et 9.1.x ant\u00e9rieures \u00e0 9.1.41.3024",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), et Intel Small Business Technology versions 11.0.x ant\u00e9rieures \u00e0 11.0.25.3001",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-5689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5689"
    }
  ],
  "initial_release_date": "2017-05-02T00:00:00",
  "last_revision_date": "2017-05-02T00:00:00",
  "links": [
    {
      "title": "1 Guide Intel",
      "url": "https://communities.intel.com/docs/DOC-5693"
    },
    {
      "title": "2 Contre-mesures Intel",
      "url": "https://downloadcenter.intel.com/download/26754"
    }
  ],
  "reference": "CERTFR-2017-AVI-136",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-05-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eles\nmicrologiciels Intel\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n\nLa vuln\u00e9rabilit\u00e9 impacte le composant Advanced Management Technology\n(AMT) des micro-logiciels Intel vuln\u00e9rables. AMT est une technologie\nIntel permettant d\u0027administrer (surveiller la disponibilit\u00e9, mettre \u00e0\njour, red\u00e9marrer, etc.) des syst\u00e8mes \u00e0 distance via un canal de\ncommunication s\u00e9par\u00e9 du syst\u00e8me d\u0027exploitation. Les produits ISM (Intel\nStandard Manageability) et SBT (Small Business Technology) permettent\nd\u0027acc\u00e9der \u00e0 un sous ensemble des fonctionnalit\u00e9s AMT.\n\nLes produits AMT et ISM exposent la fonctionnalit\u00e9 vuln\u00e9rable sur le\nr\u00e9seau et permettraient \u00e0 un attaquant la prise de contr\u00f4le \u00e0 distance\nd\u0027un syst\u00e8me sans authentification au pr\u00e9alable.\n\nD\u0027autre part, un attaquant ayant un acc\u00e8s local au syst\u00e8me vuln\u00e9rable\npourrait \u00e9lever ses privil\u00e8ges en exploitant cette vuln\u00e9rabilit\u00e9.\n\nIntel a mis \u00e0 disposition un guide permettant d\u0027identifier si un syst\u00e8me\nest vuln\u00e9rable \\[1\\] ainsi qu\u0027une proc\u00e9dure proposant des contre-mesures\nlorsque la mise \u00e0 jour n\u0027est pas disponible pour le composant impact\u00e9\n\\[2\\].\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les micrologiciels Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00075 du 01 mai 2017",
      "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075\u0026languageid=en-fr"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-5689 (GCVE-0-2017-5689)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2017-AVI-197

Vulnerability from certfr_avis

Solution

CERTFR-2017-AVI-136

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature