CVE-2017-5689

CVSS 9.8 CRITICALEPSS 92.2%● KEVCWE-269

In short

A vulnerability in Intel's management systems (AMT, ISM, SBT) allows attackers from the network or from the local computer to gain full system control without needing special privileges. This is critical because it bypasses all security protections on affected Intel systems.

Technical detail

CWE-269 (Improper Access Control) in Intel Active Management Technology, Standard Manageability, and Small Business Technology enables unprivileged network attackers to escalate to system privileges, and unprivileged local attackers to provision manageability features for privilege escalation. The vulnerability affects pre-provisioned Intel manageability SKUs and requires no authentication or special conditions to exploit.

Summary generated and translated by AI from the official description.

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Intel Corporation · Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability

public PoCs found — 6

githubgithub.com/embedi/amt_auth_bypass_poc★ 55 githubgithub.com/CerberusSecurity/CVE-2017-5689★ 39 githubgithub.com/Bijaye/intel_amt_bypass★ 3 githubgithub.com/MlSebrell/amthoneypot★ 1 githubgithub.com/TheWay-hue/CVE-2017-5689-Checker★ 0 exploitdbwww.exploit-db.com/exploits/43385unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr https://security.netapp.com/advisory/ntap-20170509-0001/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-5689 https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf https://www.embedi.com/news/mythbusters-cve-2017-5689 https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/98269 http://www.securitytracker.com/id/1038385