Описание
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-5689
- https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf
- https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
- https://security.netapp.com/advisory/ntap-20170509-0001
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5689
- https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
- https://www.embedi.com/news/mythbusters-cve-2017-5689
- https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.securityfocus.com/bid/98269
- http://www.securitytracker.com/id/1038385
Связанные уязвимости
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Уязвимость web-сервера модуля, реализующего технологию удалённого управления компьютером Intel Active Management Technology, позволяющая нарушителю получить доступ к устройству