CVE-2017-5711 Intel Active Management Technology Multiple Remote Code Execution Vulnerabilities

漏洞类别:General remote services

漏洞等级:

漏洞信息

The following buffer overflow conditions exist in Intel Active Management Technology (AMT):
CVE-2017-5711: Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
CVE-2017-5712: Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

Affected Versions:
Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20

QID Detection Logic (Un-authenticated):
Intel AMT when enabled exposes its version remotely on TCP ports 16992, 16993. This QID matches vulnerable versions based on the exposed information.

漏洞危害

Successful exploitation allows a remote attacker to execute arbitrary code on a targeted system.

解决方案

Customers are advised to refer to INTEL-SA-00086 for information pertaining to remediating this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

INTEL-SA-00086

Leave a Reply