Privilege escalation in Intel Manageability Firmware - CVE-2017-5689
Published: May 3, 2017 / Updated: February 20, 2022
Vulnerability identifier: #VU6397
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2017-5689
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Intel
Affected software:
Intel Manageability Firmware
Intel Manageability Firmware
Detailed vulnerability description
The vulnerability allows a remote unauthenticated or local attacker to gain elevated privileges on the target system.
The vulnerability exists due to improper authentication. A remote attacker can connect to the 16992/tcp port through UDP protocol and gain full control of Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). A local attacker can escalate privileges and compromise Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2017-5689
Install update from vendor's website.