Lucene search

[email protected]CVE-2017-5711

HistoryNov 21, 2017 - 2:29 p.m.

CVE-2017-5711

2017-11-2114:29:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-5711

buffer overflow

intel

amt

security vulnerability

local access

arbitrary code execution

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Affected configurations

NVD

Node

intelmanageability_engine_firmwareRange8.0.0.0–8.1.71.3608

intelmanageability_engine_firmwareRange9.0.0.0–9.1.41.3024

intelmanageability_engine_firmwareRange10.0.0.0–10.0.55.3000

intelmanageability_engine_firmwareMatch11.0

intelmanageability_engine_firmwareMatch11.5

intelmanageability_engine_firmwareMatch11.6

intelmanageability_engine_firmwareMatch11.7

intelmanageability_engine_firmwareMatch11.10

intelmanageability_engine_firmwareMatch11.20

Node

intelactive_management_technology_firmwareMatch-

Node

asusz170-premium_firmwareMatch-

AND

asusz170-premiumMatch-

Node

asusz170-deluxe_firmwareMatch-

AND

asusz170-deluxeMatch-

Node

asusz170-pro_firmwareMatch-

AND

asusz170-proMatch-

Node

asusz170-a_firmwareMatch-

AND

asusz170-aMatch-

Node

asusz170-ar_firmwareMatch-

AND

asusz170-arMatch-

Node

asusz170-e_firmwareMatch-

AND

asusz170-eMatch-

Node

asusz170-k_firmwareMatch-

AND

asusz170-kMatch-

Node

asusz170-p_firmwareMatch-

AND

asusz170-pMatch-

Node

asusz170m-plus_firmwareMatch-

AND

asusz170m-plusMatch-

Node

asusz170m-plus\/br_firmwareMatch-

AND

asusz170m-plus\/brMatch-

Node

asusz170-p_d3_firmwareMatch-

AND

asusz170-p_d3Match-

Node

asusz170m-e_d3_firmwareMatch-

AND

asusz170m-e_d3Match-

Node

asussabertooth_z170_mark_1_firmwareMatch-

AND

asussabertooth_z170_mark_1Match-

Node

asussabertooth_z170_s_firmwareMatch-

AND

asussabertooth_z170_sMatch-

Node

asusrog_maximus_viii_extreme_firmwareMatch-

AND

asusrog_maximus_viii_extremeMatch-

Node

asusrog_maximus_viii_ranger_firmwareMatch-

AND

asusrog_maximus_viii_rangerMatch-

Node

asusrog_maximus_viii_formula_firmwareMatch-

AND

asusrog_maximus_viii_formulaMatch-

Node

asusrog_maximus_viii_hero_firmwareMatch-

AND

asusrog_maximus_viii_heroMatch-

Node

asusrog_maximus_viii_hero_alpha_firmwareMatch-

AND

asusrog_maximus_viii_hero_alphaMatch-

Node

asusrog_maximus_viii_gene_firmwareMatch-

AND

asusrog_maximus_viii_geneMatch-

Node

asusrog_maximus_viii_impact_firmwareMatch-

AND

asusrog_maximus_viii_impactMatch-

Node

asusz170i_pro_gaming_firmwareMatch-

AND

asusz170i_pro_gamingMatch-

Node

asusz170_pro_gaming_firmwareMatch-

AND

asusz170_pro_gamingMatch-

Node

asusz170_pro_gaming\/aura_firmwareMatch-

AND

asusz170_pro_gaming\/auraMatch-

Node

asusb150_pro_gaming_firmwareMatch-

AND

asusb150_pro_gamingMatch-

Node

asusb150_pro_gaming\/aura_firmwareMatch-

AND

asusb150_pro_gaming\/auraMatch-

Node

asusb150i_pro_gaming\/wifi\/aura_firmwareMatch-

AND

asusb150i_pro_gaming\/wifi\/auraMatch-

Node

asusb150i_pro_gaming\/aura_firmwareMatch-

AND

asusb150i_pro_gaming\/auraMatch-

Node

asusb150m_pro_gaming_firmwareMatch-

AND

asusb150m_pro_gamingMatch-

Node

asusb150m-a_firmwareMatch-

AND

asusb150m-aMatch-

Node

asusb150m-a_d3_firmwareMatch-

AND

asusb150m-a_d3Match-

Node

asusb150m-c_d3_firmwareMatch-

AND

asusb150m-c_d3Match-

Node

asusb150-a_firmwareMatch-

AND

asusb150-aMatch-

Node

asusb150m-d_firmwareMatch-

AND

asusb150m-dMatch-

Node

asusb150m-k_firmwareMatch-

AND

asusb150m-kMatch-

Node

asusb150m-plus_firmwareMatch-

AND

asusb150m-plusMatch-

Node

asusb150m-f_plus_firmwareMatch-

AND

asusb150m-f_plusMatch-

Node

asusb150-plus_firmwareMatch-

AND

asusb150-plusMatch-

Node

asusb150m-v_plus_firmwareMatch-

AND

asusb150m-v_plusMatch-

Node

asusex-b150m-v_firmwareMatch-

AND

asusex-b150m-vMatch-

Node

asusex-b150m-v3_firmwareMatch-

AND

asusex-b150m-v3Match-

Node

asusex-b150m-v5_firmwareMatch-

AND

asusex-b150m-v5Match-

Node

asusex-b150-v7_firmwareMatch-

AND

asusex-b150-v7Match-

Node

asusb150-pro_firmwareMatch-

AND

asusb150-proMatch-

Node

asusb150m-a\/m.2_firmwareMatch-

AND

asusb150m-a\/m.2Match-

Node

asusb150m-c_firmwareMatch-

AND

asusb150m-cMatch-

Node

asusb150m-c\/br_firmwareMatch-

AND

asusb150m-c\/brMatch-

Node

asuspio-b150m_firmwareMatch-

AND

asuspio-b150mMatch-

Node

asustrooper_b150_d3_firmwareMatch-

AND

asustrooper_b150_d3Match-

Node

asusb150m-plus_d3_firmwareMatch-

AND

asusb150m-plus_d3Match-

Node

asusb150_pro_gaming_d3_firmwareMatch-

AND

asusb150_pro_gaming_d3Match-

Node

asusb150m-k_d3_firmwareMatch-

AND

asusb150m-k_d3Match-

Node

asusb150-pro_d3_firmwareMatch-

AND

asusb150-pro_d3Match-

Node

asusex-h110m-v_firmwareMatch-

AND

asusex-h110m-vMatch-

Node

asusex-h110m-v3_firmwareMatch-

AND

asusex-h110m-v3Match-

Node

asush110i-plus_firmwareMatch-

AND

asush110i-plusMatch-

Node

asush110m-a\/dp_firmwareMatch-

AND

asush110m-a\/dpMatch-

Node

asush110m-c_firmwareMatch-

AND

asush110m-cMatch-

Node

asush110m-c\/br_firmwareMatch-

AND

asush110m-c\/brMatch-

Node

asush110m-c\/hdmi_firmwareMatch-

AND

asush110m-c\/hdmiMatch-

Node

asush110m-c\/ps_firmwareMatch-

AND

asush110m-c\/psMatch-

Node

asush110m-c2_firmwareMatch-

AND

asush110m-c2Match-

Node

asush110m-c2\/tf_firmwareMatch-

AND

asush110m-c2\/tfMatch-

Node

asush110m-cs_firmwareMatch-

AND

asush110m-csMatch-

Node

asush110m-cs_x_firmwareMatch-

AND

asush110m-cs_xMatch-

Node

asush110m-cs\/br_firmwareMatch-

AND

asush110m-cs\/brMatch-

Node

asush110m-d\/exper\/si_firmwareMatch-

AND

asush110m-d\/exper\/siMatch-

Node

asush110m-k_x_firmwareMatch-

AND

asush110m-k_xMatch-

Node

asush110m-ks_firmwareMatch-

AND

asush110m-ksMatch-

Node

asush110m-ks_r1_firmwareMatch-

AND

asush110m-ks_r1Match-

Node

asush110m-p\/dvi_firmwareMatch-

AND

asush110m-p\/dviMatch-

Node

asush110m-ts_firmwareMatch-

AND

asush110m-tsMatch-

Node

asush110-plus_firmwareMatch-

AND

asush110-plusMatch-

Node

asush110s1_firmwareMatch-

AND

asush110s1Match-

Node

asush110s2_firmwareMatch-

AND

asush110s2Match-

Node

asush110t_firmwareMatch-

AND

asush110tMatch-

Node

asush110t-a_firmwareMatch-

AND

asush110t-aMatch-

Node

asush110m-a\/m.2_firmwareMatch-

AND

asush110m-a\/m.2Match-

Node

asush110m-d_firmwareMatch-

AND

asush110m-dMatch-

Node

asush110m-e_firmwareMatch-

AND

asush110m-eMatch-

Node

asush110m-e\/m.2_firmwareMatch-

AND

asush110m-e\/m.2Match-

Node

asush110m-f_firmwareMatch-

AND

asush110m-fMatch-

Node

asush110m-k_firmwareMatch-

AND

asush110m-kMatch-

Node

asush110m-a_firmwareMatch-

AND

asush110m-aMatch-

Node

asustrooper_h110_d3_firmwareMatch-

AND

asustrooper_h110_d3Match-

Node

asush110m-plus_firmwareMatch-

AND

asush110m-plusMatch-

Node

asush110m-r_firmwareMatch-

AND

asush110m-rMatch-

Node

asusprime_h110m2_firmwareMatch-

AND

asusprime_h110m2Match-

Node

asusprime_h110m2\/fpt_firmwareMatch-

AND

asusprime_h110m2\/fptMatch-

Node

asusprime_h110m-p_firmwareMatch-

AND

asusprime_h110m-pMatch-

Node

asush110m-k_d3_firmwareMatch-

AND

asush110m-k_d3Match-

Node

asush110m-a_d3_firmwareMatch-

AND

asush110m-a_d3Match-

Node

asush170-pro_firmwareMatch-

AND

asush170-proMatch-

Node

asush170i-pro_firmwareMatch-

AND

asush170i-proMatch-

Node

asush170_pro_gaming_firmwareMatch-

AND

asush170_pro_gamingMatch-

Node

asush170m-plus_firmwareMatch-

AND

asush170m-plusMatch-

Node

asush170-pro\/usb_3.1_firmwareMatch-

AND

asush170-pro\/usb_3.1Match-

Node

asush170m-plus\/br_firmwareMatch-

AND

asush170m-plus\/brMatch-

Node

asush170-plus_d3_firmwareMatch-

AND

asush170-plus_d3Match-

Node

asush170m-e_d3_firmwareMatch-

AND

asush170m-e_d3Match-

Node

asusex-b250-v7_firmwareMatch-

AND

asusex-b250-v7Match-

Node

asusb250_mining_expert_firmwareMatch-

AND

asusb250_mining_expertMatch-

Node

asusprime_b250m-d_firmwareMatch-

AND

asusprime_b250m-dMatch-

Node

asusprime_b250-a_firmwareMatch-

AND

asusprime_b250-aMatch-

Node

asusprime_b250m-a_firmwareMatch-

AND

asusprime_b250m-aMatch-

Node

asusprime_b250m-j_firmwareMatch-

AND

asusprime_b250m-jMatch-

Node

asusprime_b250m-plus_firmwareMatch-

AND

asusprime_b250m-plusMatch-

Node

asusprime_b250-plus_firmwareMatch-

AND

asusprime_b250-plusMatch-

Node

asusprime_b250m-k_firmwareMatch-

AND

asusprime_b250m-kMatch-

Node

asusprime_b250-pro_firmwareMatch-

AND

asusprime_b250-proMatch-

Node

asusrog_strix_b250i_gaming_firmwareMatch-

AND

asusrog_strix_b250i_gamingMatch-

Node

asusrog_strix_b250g_gamingMatch-

AND

asusrog_strix_b250g_gaming_firmwareMatch-

Node

asusrog_strix_b250h_gamingMatch-

AND

asusrog_strix_b250h_gaming_firmwareMatch-

Node

asusrog_strix_b250f_gamingMatch-

AND

asusrog_strix_b250f_gaming_firmwareMatch-

Node

asusb250m-c_proMatch-

AND

asusb250m-c_pro_firmwareMatch-

Node

asusb250m-f_plusMatch-

AND

asusb250m-f_plus_firmwareMatch-

Node

asusb250-mrMatch-

AND

asusb250-mr_firmwareMatch-

Node

asusb250-sMatch-

AND

asusb250-s_firmwareMatch-

Node

asusex-b250m-vMatch-

AND

asusex-b250m-v_firmwareMatch-

Node

asusex-b250m-v3_firmwareMatch-

AND

asusex-b250m-v3Match-

Node

asusex-b250m-v5_firmwareMatch-

AND

asusex-b250m-v5Match-

Node

asuspio-b250i_firmwareMatch-

AND

asuspio-b250iMatch-

Node

asusprime_b250m-c_firmwareMatch-

AND

asusprime_b250m-cMatch-

Node

asusprime_b250m-plus\/br_firmwareMatch-

AND

asusprime_b250m-plus\/brMatch-

Node

asusprime_h270-pro_firmwareMatch-

AND

asusprime_h270-proMatch-

Node

asusprime_h270-plus_firmwareMatch-

AND

asusprime_h270-plusMatch-

Node

asusrog_strix_h270i_gaming_firmwareMatch-

AND

asusrog_strix_h270i_gamingMatch-

Node

asusrog_strix_h270f_gaming_firmwareMatch-

AND

asusrog_strix_h270f_gamingMatch-

Node

asusprime_h270m-plus_firmwareMatch-

AND

asusprime_h270m-plusMatch-

Node

asusrog_maximus_ix_extreme_firmwareMatch-

AND

asusrog_maximus_ix_extremeMatch-

Node

asusrog_maximus_ix_formula_firmwareMatch-

AND

asusrog_maximus_ix_formulaMatch-

Node

asusrog_maximus_ix_code_firmwareMatch-

AND

asusrog_maximus_ix_codeMatch-

Node

asusrog_maximus_ix_apex_firmwareMatch-

AND

asusrog_maximus_ix_apexMatch-

Node

asusrog_maximus_ix_hero_firmwareMatch-

AND

asusrog_maximus_ix_heroMatch-

Node

asusprime_z270-a_firmwareMatch-

AND

asusprime_z270-aMatch-

Node

asusprime_z270-ar_firmwareMatch-

AND

asusprime_z270-arMatch-

Node

asusrog_strix_z270e_gaming_firmwareMatch-

AND

asusrog_strix_z270e_gamingMatch-

Node

asusrog_strix_z270f_gaming_firmwareMatch-

AND

asusrog_strix_z270f_gamingMatch-

Node

asusrog_strix_z270g_gaming_firmwareMatch-

AND

asusrog_strix_z270g_gamingMatch-

Node

asusrog_strix_z270h_gaming_firmwareMatch-

AND

asusrog_strix_z270h_gamingMatch-

Node

asustuf_z270_mark_1_firmwareMatch-

AND

asustuf_z270_mark_1Match-

Node

asustuf_z270_mark_2_firmwareMatch-

AND

asustuf_z270_mark_2Match-

Node

asusrog_strix_z270h_gaming\/k1_firmwareMatch-

AND

asusrog_strix_z270h_gaming\/k1Match-

Node

asusprime_z270-k_firmwareMatch-

AND

asusprime_z270-kMatch-

Node

asusprime_z270-p_firmwareMatch-

AND

asusprime_z270-pMatch-

Node

asusrog_strix_z270i_gaming_firmwareMatch-

AND

asusrog_strix_z270i_gamingMatch-

Node

asusprime_z270m-plus_firmwareMatch-

AND

asusprime_z270m-plusMatch-

Node

asusprime_z270m-plus\/br_firmwareMatch-

AND

asusprime_z270m-plus\/brMatch-

Node

asusq170m-c_firmwareMatch-

AND

asusq170m-cMatch-

Node

asusq170m-cm-b_firmwareMatch-

AND

asusq170m-cm-bMatch-

Node

asusq170s1_firmwareMatch-

AND

asusq170s1Match-

Node

asusq170t_firmwareMatch-

AND

asusq170tMatch-

Node

asusq170t_v2_firmwareMatch-

AND

asusq170t_v2Match-

Node

asusq170m2_firmwareMatch-

AND

asusq170m2Match-

Node

asusq170m2\/cdm\/si_firmwareMatch-

AND

asusq170m2\/cdm\/siMatch-

Node

asusprime_q270m-c_firmwareMatch-

AND

asusprime_q270m-cMatch-

Node

asusq270m-cm-a_firmwareMatch-

AND

asusq270m-cm-aMatch-

Node

asusq270-s_firmwareMatch-

AND

asusq270-sMatch-

Node

asusprime_j3355i-c_firmwareMatch-

AND

asusprime_j3355i-cMatch-

Node

asusrog_maximus_x_hero_firmwareMatch-

AND

asusrog_maximus_x_heroMatch-

Node

asusrog_maximus_x_formula_firmwareMatch-

AND

asusrog_maximus_x_formulaMatch-

Node

asusrog_maximus_x_code_firmwareMatch-

AND

asusrog_maximus_x_codeMatch-

Node

asusrog_maximus_x_apex_firmwareMatch-

AND

asusrog_maximus_x_apexMatch-

Node

asusprime_z370-a_firmwareMatch-

AND

asusprime_z370-aMatch-

Node

asusprime_z370-p_firmwareMatch-

AND

asusprime_z370-pMatch-

Node

asustuf_z370-pro_gaming_firmwareMatch-

AND

asustuf_z370-pro_gamingMatch-

Node

asustuf_z370-plus_gaming_firmwareMatch-

AND

asustuf_z370-plus_gamingMatch-

Node

asusrog_strix_z370-g_gamingMatch-

AND

asusrog_strix_z370-g_gaming_firmwareMatch-

Node

asusrog_strix_z370-e_gamingMatch-

AND

asusrog_strix_z370-e_gaming_firmwareMatch-

Node

asusrog_strix_z370-f_gamingMatch-

AND

asusrog_strix_z370-f_gaming_firmwareMatch-

Node

asusrog_strix_z370-h_gamingMatch-

AND

asusrog_strix_z370-h_gaming_firmwareMatch-

Node

asusrog_strix_z370-i_gaming_firmwareMatch-

AND

asusrog_strix_z370-i_gamingMatch-

Node

siemenssimatic_field_pg_m3_firmwareRange<6.2.61.3535

AND

siemenssimatic_field_pg_m3Match-

Node

siemenssimatic_field_pg_m4_firmwareRange<18.01.06

AND

siemenssimatic_field_pg_m4Match-

Node

siemenssimatic_field_pg_m5_firmwareRange<22.01.04

AND

siemenssimatic_field_pg_m5Match-

Node

siemenssimatic_ipc677c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc677cMatch-

Node

siemenssimatic_ipc427d_firmwareMatch-

AND

siemenssimatic_ipc427dMatch-

Node

siemenssimatic_ipc427e_firmwareRange<21.01.07

AND

siemenssimatic_ipc427eMatch-

Node

siemenssimatic_ipc477d_firmwareMatch-

AND

siemenssimatic_ipc477dMatch-

Node

siemenssimatic_ipc477d_pro_firmwareMatch-

AND

siemenssimatic_ipc477d_proMatch-

Node

siemenssimatic_ipc477e_firmwareRange<21.01.07

AND

siemenssimatic_ipc477eMatch-

Node

siemenssimatic_ipc547d_firmwareRange<7.1.91.3272

AND

siemenssimatic_ipc547dMatch-

Node

siemenssimatic_ipc547e_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc547eMatch-

Node

siemenssimatic_ipc627c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc627cMatch-

Node

siemenssimatic_ipc627d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc627dMatch-

Node

siemenssimatic_ipc647c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc647cMatch-

Node

siemenssimatic_ipc647d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc647dMatch-

Node

siemenssimatic_ipc677d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc677dMatch-

Node

siemenssimatic_ipc827c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc827cMatch-

Node

siemenssimatic_ipc827d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc827dMatch-

Node

siemenssimatic_ipc847c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc847cMatch-

Node

siemenssimatic_ipc847d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc847dMatch-

Node

siemenssimatic_itp1000_firmwareRange<23.01.03

AND

siemenssimatic_itp1000Match-

Node

siemenssimotion_p320-4s_firmwareRange<17.02.06.83.1

AND

siemenssimotion_p320-4sMatch-

Node

siemenssinumerik_pcu50.5-c_firmwareRange<6.2.61.3535

AND

siemenssinumerik_pcu50.5-cMatch-

Node

siemenssinumerik_pcu50.5-p_firmwareRange<6.2.61.3535

AND

siemenssinumerik_pcu50.5-pMatch-

CPENameOperatorVersion
intel:manageability_engine_firmwareintel manageability engine firmwarele8.1.71.3608
intel:manageability_engine_firmwareintel manageability engine firmwarele9.1.41.3024
intel:manageability_engine_firmwareintel manageability engine firmwarele10.0.55.3000
intel:manageability_engine_firmwareintel manageability engine firmwareeq11.0
intel:manageability_engine_firmwareintel manageability engine firmwareeq11.5
intel:manageability_engine_firmwareintel manageability engine firmwareeq11.6
intel:manageability_engine_firmwareintel manageability engine firmwareeq11.7
intel:manageability_engine_firmwareintel manageability engine firmwareeq11.10
intel:manageability_engine_firmwareintel manageability engine firmwareeq11.20

CPE	Name	Operator	Version
intel:manageability_engine_firmware	intel manageability engine firmware	le	8.1.71.3608
intel:manageability_engine_firmware	intel manageability engine firmware	le	9.1.41.3024
intel:manageability_engine_firmware	intel manageability engine firmware	le	10.0.55.3000
intel:manageability_engine_firmware	intel manageability engine firmware	eq	11.0
intel:manageability_engine_firmware	intel manageability engine firmware	eq	11.5
intel:manageability_engine_firmware	intel manageability engine firmware	eq	11.6
intel:manageability_engine_firmware	intel manageability engine firmware	eq	11.7
intel:manageability_engine_firmware	intel manageability engine firmware	eq	11.10
intel:manageability_engine_firmware	intel manageability engine firmware	eq	11.20

CNA Affected

[
  {
    "product": "Active Management Technology",
    "vendor": "Intel Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20"
      }
    ]
  }
]