Buffer overflow in Intel Manageability Firmware - CVE-2017-5711
Published: November 22, 2017
Vulnerability identifier: #VU9392
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-5711
CWE-ID: CWE-120
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Intel Manageability Firmware
Intel Manageability Firmware
Detailed vulnerability description
The vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
How to mitigate CVE-2017-5711
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.