Lucene search

[email protected]NVD:CVE-2017-5711

HistoryNov 21, 2017 - 2:29 p.m.

CVE-2017-5711

2017-11-2114:29:00

CWE-119

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.

Affected configurations

NVD

Node

intelmanageability_engine_firmwareRange8.0.0.0–8.1.71.3608

intelmanageability_engine_firmwareRange9.0.0.0–9.1.41.3024

intelmanageability_engine_firmwareRange10.0.0.0–10.0.55.3000

intelmanageability_engine_firmwareMatch11.0

intelmanageability_engine_firmwareMatch11.5

intelmanageability_engine_firmwareMatch11.6

intelmanageability_engine_firmwareMatch11.7

intelmanageability_engine_firmwareMatch11.10

intelmanageability_engine_firmwareMatch11.20

Node

intelactive_management_technology_firmwareMatch-

Node

asusz170-premium_firmwareMatch-

AND

asusz170-premiumMatch-

Node

asusz170-deluxe_firmwareMatch-

AND

asusz170-deluxeMatch-

Node

asusz170-pro_firmwareMatch-

AND

asusz170-proMatch-

Node

asusz170-a_firmwareMatch-

AND

asusz170-aMatch-

Node

asusz170-ar_firmwareMatch-

AND

asusz170-arMatch-

Node

asusz170-e_firmwareMatch-

AND

asusz170-eMatch-

Node

asusz170-k_firmwareMatch-

AND

asusz170-kMatch-

Node

asusz170-p_firmwareMatch-

AND

asusz170-pMatch-

Node

asusz170m-plus_firmwareMatch-

AND

asusz170m-plusMatch-

Node

asusz170m-plus\/br_firmwareMatch-

AND

asusz170m-plus\/brMatch-

Node

asusz170-p_d3_firmwareMatch-

AND

asusz170-p_d3Match-

Node

asusz170m-e_d3_firmwareMatch-

AND

asusz170m-e_d3Match-

Node

asussabertooth_z170_mark_1_firmwareMatch-

AND

asussabertooth_z170_mark_1Match-

Node

asussabertooth_z170_s_firmwareMatch-

AND

asussabertooth_z170_sMatch-

Node

asusrog_maximus_viii_extreme_firmwareMatch-

AND

asusrog_maximus_viii_extremeMatch-

Node

asusrog_maximus_viii_ranger_firmwareMatch-

AND

asusrog_maximus_viii_rangerMatch-

Node

asusrog_maximus_viii_formula_firmwareMatch-

AND

asusrog_maximus_viii_formulaMatch-

Node

asusrog_maximus_viii_hero_firmwareMatch-

AND

asusrog_maximus_viii_heroMatch-

Node

asusrog_maximus_viii_hero_alpha_firmwareMatch-

AND

asusrog_maximus_viii_hero_alphaMatch-

Node

asusrog_maximus_viii_gene_firmwareMatch-

AND

asusrog_maximus_viii_geneMatch-

Node

asusrog_maximus_viii_impact_firmwareMatch-

AND

asusrog_maximus_viii_impactMatch-

Node

asusz170i_pro_gaming_firmwareMatch-

AND

asusz170i_pro_gamingMatch-

Node

asusz170_pro_gaming_firmwareMatch-

AND

asusz170_pro_gamingMatch-

Node

asusz170_pro_gaming\/aura_firmwareMatch-

AND

asusz170_pro_gaming\/auraMatch-

Node

asusb150_pro_gaming_firmwareMatch-

AND

asusb150_pro_gamingMatch-

Node

asusb150_pro_gaming\/aura_firmwareMatch-

AND

asusb150_pro_gaming\/auraMatch-

Node

asusb150i_pro_gaming\/wifi\/aura_firmwareMatch-

AND

asusb150i_pro_gaming\/wifi\/auraMatch-

Node

asusb150i_pro_gaming\/aura_firmwareMatch-

AND

asusb150i_pro_gaming\/auraMatch-

Node

asusb150m_pro_gaming_firmwareMatch-

AND

asusb150m_pro_gamingMatch-

Node

asusb150m-a_firmwareMatch-

AND

asusb150m-aMatch-

Node

asusb150m-a_d3_firmwareMatch-

AND

asusb150m-a_d3Match-

Node

asusb150m-c_d3_firmwareMatch-

AND

asusb150m-c_d3Match-

Node

asusb150-a_firmwareMatch-

AND

asusb150-aMatch-

Node

asusb150m-d_firmwareMatch-

AND

asusb150m-dMatch-

Node

asusb150m-k_firmwareMatch-

AND

asusb150m-kMatch-

Node

asusb150m-plus_firmwareMatch-

AND

asusb150m-plusMatch-

Node

asusb150m-f_plus_firmwareMatch-

AND

asusb150m-f_plusMatch-

Node

asusb150-plus_firmwareMatch-

AND

asusb150-plusMatch-

Node

asusb150m-v_plus_firmwareMatch-

AND

asusb150m-v_plusMatch-

Node

asusex-b150m-v_firmwareMatch-

AND

asusex-b150m-vMatch-

Node

asusex-b150m-v3_firmwareMatch-

AND

asusex-b150m-v3Match-

Node

asusex-b150m-v5_firmwareMatch-

AND

asusex-b150m-v5Match-

Node

asusex-b150-v7_firmwareMatch-

AND

asusex-b150-v7Match-

Node

asusb150-pro_firmwareMatch-

AND

asusb150-proMatch-

Node

asusb150m-a\/m.2_firmwareMatch-

AND

asusb150m-a\/m.2Match-

Node

asusb150m-c_firmwareMatch-

AND

asusb150m-cMatch-

Node

asusb150m-c\/br_firmwareMatch-

AND

asusb150m-c\/brMatch-

Node

asuspio-b150m_firmwareMatch-

AND

asuspio-b150mMatch-

Node

asustrooper_b150_d3_firmwareMatch-

AND

asustrooper_b150_d3Match-

Node

asusb150m-plus_d3_firmwareMatch-

AND

asusb150m-plus_d3Match-

Node

asusb150_pro_gaming_d3_firmwareMatch-

AND

asusb150_pro_gaming_d3Match-

Node

asusb150m-k_d3_firmwareMatch-

AND

asusb150m-k_d3Match-

Node

asusb150-pro_d3_firmwareMatch-

AND

asusb150-pro_d3Match-

Node

asusex-h110m-v_firmwareMatch-

AND

asusex-h110m-vMatch-

Node

asusex-h110m-v3_firmwareMatch-

AND

asusex-h110m-v3Match-

Node

asush110i-plus_firmwareMatch-

AND

asush110i-plusMatch-

Node

asush110m-a\/dp_firmwareMatch-

AND

asush110m-a\/dpMatch-

Node

asush110m-c_firmwareMatch-

AND

asush110m-cMatch-

Node

asush110m-c\/br_firmwareMatch-

AND

asush110m-c\/brMatch-

Node

asush110m-c\/hdmi_firmwareMatch-

AND

asush110m-c\/hdmiMatch-

Node

asush110m-c\/ps_firmwareMatch-

AND

asush110m-c\/psMatch-

Node

asush110m-c2_firmwareMatch-

AND

asush110m-c2Match-

Node

asush110m-c2\/tf_firmwareMatch-

AND

asush110m-c2\/tfMatch-

Node

asush110m-cs_firmwareMatch-

AND

asush110m-csMatch-

Node

asush110m-cs_x_firmwareMatch-

AND

asush110m-cs_xMatch-

Node

asush110m-cs\/br_firmwareMatch-

AND

asush110m-cs\/brMatch-

Node

asush110m-d\/exper\/si_firmwareMatch-

AND

asush110m-d\/exper\/siMatch-

Node

asush110m-k_x_firmwareMatch-

AND

asush110m-k_xMatch-

Node

asush110m-ks_firmwareMatch-

AND

asush110m-ksMatch-

Node

asush110m-ks_r1_firmwareMatch-

AND

asush110m-ks_r1Match-

Node

asush110m-p\/dvi_firmwareMatch-

AND

asush110m-p\/dviMatch-

Node

asush110m-ts_firmwareMatch-

AND

asush110m-tsMatch-

Node

asush110-plus_firmwareMatch-

AND

asush110-plusMatch-

Node

asush110s1_firmwareMatch-

AND

asush110s1Match-

Node

asush110s2_firmwareMatch-

AND

asush110s2Match-

Node

asush110t_firmwareMatch-

AND

asush110tMatch-

Node

asush110t-a_firmwareMatch-

AND

asush110t-aMatch-

Node

asush110m-a\/m.2_firmwareMatch-

AND

asush110m-a\/m.2Match-

Node

asush110m-d_firmwareMatch-

AND

asush110m-dMatch-

Node

asush110m-e_firmwareMatch-

AND

asush110m-eMatch-

Node

asush110m-e\/m.2_firmwareMatch-

AND

asush110m-e\/m.2Match-

Node

asush110m-f_firmwareMatch-

AND

asush110m-fMatch-

Node

asush110m-k_firmwareMatch-

AND

asush110m-kMatch-

Node

asush110m-a_firmwareMatch-

AND

asush110m-aMatch-

Node

asustrooper_h110_d3_firmwareMatch-

AND

asustrooper_h110_d3Match-

Node

asush110m-plus_firmwareMatch-

AND

asush110m-plusMatch-

Node

asush110m-r_firmwareMatch-

AND

asush110m-rMatch-

Node

asusprime_h110m2_firmwareMatch-

AND

asusprime_h110m2Match-

Node

asusprime_h110m2\/fpt_firmwareMatch-

AND

asusprime_h110m2\/fptMatch-

Node

asusprime_h110m-p_firmwareMatch-

AND

asusprime_h110m-pMatch-

Node

asush110m-k_d3_firmwareMatch-

AND

asush110m-k_d3Match-

Node

asush110m-a_d3_firmwareMatch-

AND

asush110m-a_d3Match-

Node

asush170-pro_firmwareMatch-

AND

asush170-proMatch-

Node

asush170i-pro_firmwareMatch-

AND

asush170i-proMatch-

Node

asush170_pro_gaming_firmwareMatch-

AND

asush170_pro_gamingMatch-

Node

asush170m-plus_firmwareMatch-

AND

asush170m-plusMatch-

Node

asush170-pro\/usb_3.1_firmwareMatch-

AND

asush170-pro\/usb_3.1Match-

Node

asush170m-plus\/br_firmwareMatch-

AND

asush170m-plus\/brMatch-

Node

asush170-plus_d3_firmwareMatch-

AND

asush170-plus_d3Match-

Node

asush170m-e_d3_firmwareMatch-

AND

asush170m-e_d3Match-

Node

asusex-b250-v7_firmwareMatch-

AND

asusex-b250-v7Match-

Node

asusb250_mining_expert_firmwareMatch-

AND

asusb250_mining_expertMatch-

Node

asusprime_b250m-d_firmwareMatch-

AND

asusprime_b250m-dMatch-

Node

asusprime_b250-a_firmwareMatch-

AND

asusprime_b250-aMatch-

Node

asusprime_b250m-a_firmwareMatch-

AND

asusprime_b250m-aMatch-

Node

asusprime_b250m-j_firmwareMatch-

AND

asusprime_b250m-jMatch-

Node

asusprime_b250m-plus_firmwareMatch-

AND

asusprime_b250m-plusMatch-

Node

asusprime_b250-plus_firmwareMatch-

AND

asusprime_b250-plusMatch-

Node

asusprime_b250m-k_firmwareMatch-

AND

asusprime_b250m-kMatch-

Node

asusprime_b250-pro_firmwareMatch-

AND

asusprime_b250-proMatch-

Node

asusrog_strix_b250i_gaming_firmwareMatch-

AND

asusrog_strix_b250i_gamingMatch-

Node

asusrog_strix_b250g_gamingMatch-

AND

asusrog_strix_b250g_gaming_firmwareMatch-

Node

asusrog_strix_b250h_gamingMatch-

AND

asusrog_strix_b250h_gaming_firmwareMatch-

Node

asusrog_strix_b250f_gamingMatch-

AND

asusrog_strix_b250f_gaming_firmwareMatch-

Node

asusb250m-c_proMatch-

AND

asusb250m-c_pro_firmwareMatch-

Node

asusb250m-f_plusMatch-

AND

asusb250m-f_plus_firmwareMatch-

Node

asusb250-mrMatch-

AND

asusb250-mr_firmwareMatch-

Node

asusb250-sMatch-

AND

asusb250-s_firmwareMatch-

Node

asusex-b250m-vMatch-

AND

asusex-b250m-v_firmwareMatch-

Node

asusex-b250m-v3_firmwareMatch-

AND

asusex-b250m-v3Match-

Node

asusex-b250m-v5_firmwareMatch-

AND

asusex-b250m-v5Match-

Node

asuspio-b250i_firmwareMatch-

AND

asuspio-b250iMatch-

Node

asusprime_b250m-c_firmwareMatch-

AND

asusprime_b250m-cMatch-

Node

asusprime_b250m-plus\/br_firmwareMatch-

AND

asusprime_b250m-plus\/brMatch-

Node

asusprime_h270-pro_firmwareMatch-

AND

asusprime_h270-proMatch-

Node

asusprime_h270-plus_firmwareMatch-

AND

asusprime_h270-plusMatch-

Node

asusrog_strix_h270i_gaming_firmwareMatch-

AND

asusrog_strix_h270i_gamingMatch-

Node

asusrog_strix_h270f_gaming_firmwareMatch-

AND

asusrog_strix_h270f_gamingMatch-

Node

asusprime_h270m-plus_firmwareMatch-

AND

asusprime_h270m-plusMatch-

Node

asusrog_maximus_ix_extreme_firmwareMatch-

AND

asusrog_maximus_ix_extremeMatch-

Node

asusrog_maximus_ix_formula_firmwareMatch-

AND

asusrog_maximus_ix_formulaMatch-

Node

asusrog_maximus_ix_code_firmwareMatch-

AND

asusrog_maximus_ix_codeMatch-

Node

asusrog_maximus_ix_apex_firmwareMatch-

AND

asusrog_maximus_ix_apexMatch-

Node

asusrog_maximus_ix_hero_firmwareMatch-

AND

asusrog_maximus_ix_heroMatch-

Node

asusprime_z270-a_firmwareMatch-

AND

asusprime_z270-aMatch-

Node

asusprime_z270-ar_firmwareMatch-

AND

asusprime_z270-arMatch-

Node

asusrog_strix_z270e_gaming_firmwareMatch-

AND

asusrog_strix_z270e_gamingMatch-

Node

asusrog_strix_z270f_gaming_firmwareMatch-

AND

asusrog_strix_z270f_gamingMatch-

Node

asusrog_strix_z270g_gaming_firmwareMatch-

AND

asusrog_strix_z270g_gamingMatch-

Node

asusrog_strix_z270h_gaming_firmwareMatch-

AND

asusrog_strix_z270h_gamingMatch-

Node

asustuf_z270_mark_1_firmwareMatch-

AND

asustuf_z270_mark_1Match-

Node

asustuf_z270_mark_2_firmwareMatch-

AND

asustuf_z270_mark_2Match-

Node

asusrog_strix_z270h_gaming\/k1_firmwareMatch-

AND

asusrog_strix_z270h_gaming\/k1Match-

Node

asusprime_z270-k_firmwareMatch-

AND

asusprime_z270-kMatch-

Node

asusprime_z270-p_firmwareMatch-

AND

asusprime_z270-pMatch-

Node

asusrog_strix_z270i_gaming_firmwareMatch-

AND

asusrog_strix_z270i_gamingMatch-

Node

asusprime_z270m-plus_firmwareMatch-

AND

asusprime_z270m-plusMatch-

Node

asusprime_z270m-plus\/br_firmwareMatch-

AND

asusprime_z270m-plus\/brMatch-

Node

asusq170m-c_firmwareMatch-

AND

asusq170m-cMatch-

Node

asusq170m-cm-b_firmwareMatch-

AND

asusq170m-cm-bMatch-

Node

asusq170s1_firmwareMatch-

AND

asusq170s1Match-

Node

asusq170t_firmwareMatch-

AND

asusq170tMatch-

Node

asusq170t_v2_firmwareMatch-

AND

asusq170t_v2Match-

Node

asusq170m2_firmwareMatch-

AND

asusq170m2Match-

Node

asusq170m2\/cdm\/si_firmwareMatch-

AND

asusq170m2\/cdm\/siMatch-

Node

asusprime_q270m-c_firmwareMatch-

AND

asusprime_q270m-cMatch-

Node

asusq270m-cm-a_firmwareMatch-

AND

asusq270m-cm-aMatch-

Node

asusq270-s_firmwareMatch-

AND

asusq270-sMatch-

Node

asusprime_j3355i-c_firmwareMatch-

AND

asusprime_j3355i-cMatch-

Node

asusrog_maximus_x_hero_firmwareMatch-

AND

asusrog_maximus_x_heroMatch-

Node

asusrog_maximus_x_formula_firmwareMatch-

AND

asusrog_maximus_x_formulaMatch-

Node

asusrog_maximus_x_code_firmwareMatch-

AND

asusrog_maximus_x_codeMatch-

Node

asusrog_maximus_x_apex_firmwareMatch-

AND

asusrog_maximus_x_apexMatch-

Node

asusprime_z370-a_firmwareMatch-

AND

asusprime_z370-aMatch-

Node

asusprime_z370-p_firmwareMatch-

AND

asusprime_z370-pMatch-

Node

asustuf_z370-pro_gaming_firmwareMatch-

AND

asustuf_z370-pro_gamingMatch-

Node

asustuf_z370-plus_gaming_firmwareMatch-

AND

asustuf_z370-plus_gamingMatch-

Node

asusrog_strix_z370-g_gamingMatch-

AND

asusrog_strix_z370-g_gaming_firmwareMatch-

Node

asusrog_strix_z370-e_gamingMatch-

AND

asusrog_strix_z370-e_gaming_firmwareMatch-

Node

asusrog_strix_z370-f_gamingMatch-

AND

asusrog_strix_z370-f_gaming_firmwareMatch-

Node

asusrog_strix_z370-h_gamingMatch-

AND

asusrog_strix_z370-h_gaming_firmwareMatch-

Node

asusrog_strix_z370-i_gaming_firmwareMatch-

AND

asusrog_strix_z370-i_gamingMatch-

Node

siemenssimatic_field_pg_m3_firmwareRange<6.2.61.3535

AND

siemenssimatic_field_pg_m3Match-

Node

siemenssimatic_field_pg_m4_firmwareRange<18.01.06

AND

siemenssimatic_field_pg_m4Match-

Node

siemenssimatic_field_pg_m5_firmwareRange<22.01.04

AND

siemenssimatic_field_pg_m5Match-

Node

siemenssimatic_ipc677c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc677cMatch-

Node

siemenssimatic_ipc427d_firmwareMatch-

AND

siemenssimatic_ipc427dMatch-

Node

siemenssimatic_ipc427e_firmwareRange<21.01.07

AND

siemenssimatic_ipc427eMatch-

Node

siemenssimatic_ipc477d_firmwareMatch-

AND

siemenssimatic_ipc477dMatch-

Node

siemenssimatic_ipc477d_pro_firmwareMatch-

AND

siemenssimatic_ipc477d_proMatch-

Node

siemenssimatic_ipc477e_firmwareRange<21.01.07

AND

siemenssimatic_ipc477eMatch-

Node

siemenssimatic_ipc547d_firmwareRange<7.1.91.3272

AND

siemenssimatic_ipc547dMatch-

Node

siemenssimatic_ipc547e_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc547eMatch-

Node

siemenssimatic_ipc627c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc627cMatch-

Node

siemenssimatic_ipc627d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc627dMatch-

Node

siemenssimatic_ipc647c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc647cMatch-

Node

siemenssimatic_ipc647d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc647dMatch-

Node

siemenssimatic_ipc677d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc677dMatch-

Node

siemenssimatic_ipc827c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc827cMatch-

Node

siemenssimatic_ipc827d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc827dMatch-

Node

siemenssimatic_ipc847c_firmwareRange<6.2.61.3535

AND

siemenssimatic_ipc847cMatch-

Node

siemenssimatic_ipc847d_firmwareRange<9.1.41.3024

AND

siemenssimatic_ipc847dMatch-

Node

siemenssimatic_itp1000_firmwareRange<23.01.03

AND

siemenssimatic_itp1000Match-

Node

siemenssimotion_p320-4s_firmwareRange<17.02.06.83.1

AND

siemenssimotion_p320-4sMatch-

Node

siemenssinumerik_pcu50.5-c_firmwareRange<6.2.61.3535

AND

siemenssinumerik_pcu50.5-cMatch-

Node

siemenssinumerik_pcu50.5-p_firmwareRange<6.2.61.3535

AND

siemenssinumerik_pcu50.5-pMatch-

References

www.securityfocus.com/bid/101918

www.securitytracker.com/id/1039852

cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf

security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

security.netapp.com/advisory/ntap-20171120-0001/

www.asus.com/News/wzeltG5CjYaIwGJ0

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2017-5711

prion1 cvelist1 ubuntucve1 cve1 openvas1 thn1 lenovo2 huawei1 threatpost1 f51 fortinet1