SB2017112203 - Arbitrary code execution in Intel Manageability Firmware

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017112203

SB2017112203 - Arbitrary code execution in Intel Manageability Firmware

Published: November 22, 2017

Security Bulletin ID SB2017112203
CSH Severity
High
Patch available
NO
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2017-5705)

CWE-ID: CWE-120 - Buffer overflow

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to execute arbitrary code on the target system.

The weakness exists due to multiple buffer overflows in kernel. A local attacker can send a specially crafted request, trigger memory corruption, execute arbitrary code and compromise the vulnerable system.

2) Buffer overflow (CVE-ID: CVE-2017-5708)

CWE-ID: CWE-120 - Buffer overflow

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to execute arbitrary code on the target system.

The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.

3) Buffer overflow (CVE-ID: CVE-2017-5711)

CWE-ID: CWE-120 - Buffer overflow

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to execute arbitrary code on the target system.

The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.

4) Buffer overflow (CVE-ID: CVE-2017-5712)

CWE-ID: CWE-120 - Buffer overflow

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote administrator to execute arbitrary code on the target system.

The weakness exists due to buffer overflow in Active Management Technology (AMT). A remote attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References