var-201711-0651
Vulnerability from variot
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. Intel Manageability Engine The Intel Management Engine is Intel's thermal management driver for its desktop family of chipsets. Failed exploits may result in denial-of-service conditions. Intel Manageability Engine versions 8.x, 9.x, 10.x, 11.0,11.5, 11.6, 11.7, 11.10, and 11.20 are vulnerable. Intel Xeon Processor E3-1200 and others are CPUs (Central Processing Units) of Intel Corporation. Active Management Technology (AMT) is one of the active management components. The following products and firmware are affected: Intel Manageability Engine Firmware Version 8.x, Version 9.x, Version 10.x, Version 11.0, Version 11.5, Version 11.6, Version 11.7, Version 11.10, Version 11.20; Intel 6th, 7th and 8th Generation Intel Core Processor Family; Intel Xeon Processor E3-1200 v5 and v6 Product Family; Intel Xeon Processor Scalable Family; Intel Xeon Processor W Family; Intel Atom C3000 Processor Family; Apollo Lake Intel Atom Processor E3900 series; Apollo Lake Intel Pentium; Celeron N and J series Processors
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0651", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "manageability engine", scope: "eq", trust: 2.5, vendor: "intel", version: "11.7", }, { model: "manageability engine", scope: "eq", trust: 2.5, vendor: "intel", version: "11.6", }, { model: "manageability engine", scope: "eq", trust: 2.5, vendor: "intel", version: "11.5", }, { model: "manageability engine", scope: "eq", trust: 2.5, vendor: "intel", version: "11.20", }, { model: "manageability engine", scope: "eq", trust: 2.5, vendor: "intel", version: "11.10", }, { model: "manageability engine", scope: "eq", trust: 2.5, vendor: "intel", version: "11.0", }, { model: "active management technology", scope: "eq", trust: 1.6, vendor: "intel", version: null, }, { model: "simatic ipc827c", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "rog maximus ix extreme", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "sinumerik pcu50.5-p", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "b150m-c", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z270h gaming\\/k1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170t v2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simotion p320-4s", scope: "lt", trust: 1, vendor: "siemens", version: "17.02.06.83.1", }, { model: "rog strix z270i gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b250 mining expert", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime j3355i-c", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "ex-b150m-v3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170m2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z370-i gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170m-e d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "sabertooth z170 mark 1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150 pro gaming\\/aura", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h170-plus d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z370-h gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170t", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-c2\\/tf", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus x code", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "manageability engine", scope: "lte", trust: 1, vendor: "intel", version: "9.1.41.3024", }, { model: "manageability engine", scope: "lte", trust: 1, vendor: "intel", version: "10.0.55.3000", }, { model: "h110m-c2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z370-e gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc547d", scope: "lt", trust: 1, vendor: "siemens", version: "7.1.91.3272", }, { model: "prime z270-p", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z270h gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "tuf z370-plus gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h170 pro gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc627c", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "prime z270-k", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc677d", scope: "lt", trust: 1, vendor: "siemens", version: "9.1.41.3024", }, { model: "b150m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc847c", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "h110i-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-ks", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170i pro gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-e\\/m.2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime h110m-p", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h170m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-c", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc827d", scope: "lt", trust: 1, vendor: "siemens", version: "9.1.41.3024", }, { model: "z170m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b250-mr", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "pio-b250i", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-c\\/hdmi", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b250m-f plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250m-d", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-p", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus ix formula", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc477d", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "simatic field pg m5", scope: "lt", trust: 1, vendor: "siemens", version: "22.01.04", }, { model: "rog strix b250f gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h170m-plus\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170 pro gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-a\\/dp", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150-pro d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime h110m2\\/fpt", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc647d", scope: "lt", trust: 1, vendor: "siemens", version: "9.1.41.3024", }, { model: "z170-ar", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h170-pro\\/usb 3.1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-k x", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic itp1000", scope: "lt", trust: 1, vendor: "siemens", version: "23.01.03", }, { model: "rog maximus ix hero", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h170i-pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-cs", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z270f gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "manageability engine", scope: "gte", trust: 1, vendor: "intel", version: "9.0.0.0", }, { model: "ex-h110m-v", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus x formula", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "manageability engine", scope: "gte", trust: 1, vendor: "intel", version: "8.0.0.0", }, { model: "manageability engine", scope: "lte", trust: 1, vendor: "intel", version: "8.1.71.3608", }, { model: "b150-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-a d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-k", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime h270-pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc477d pro", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "h170-pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-ts", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m pro gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-v plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170m-cm-b", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z370-g gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "ex-b250-v7", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-k d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-ks r1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus viii gene", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110s2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "ex-b250m-v", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250m-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus viii formula", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-c\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170s1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "tuf z370-pro gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime z270-ar", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-d", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc627d", scope: "lt", trust: 1, vendor: "siemens", version: "9.1.41.3024", }, { model: "ex-h110m-v3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime z270m-plus\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-deluxe", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170m-c", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "ex-b250m-v3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "tuf z270 mark 2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-p d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix b250g gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix h270f gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-k d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus ix apex", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc647c", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "b150m-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-e", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-r", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime z270-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc847d", scope: "lt", trust: 1, vendor: "siemens", version: "9.1.41.3024", }, { model: "rog maximus viii ranger", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-f", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-f plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-a\\/m.2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix b250h gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z370-f gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "pio-b150m", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150 pro gaming d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "tuf z270 mark 1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus viii hero alpha", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic field pg m4", scope: "lt", trust: 1, vendor: "siemens", version: "18.01.06", }, { model: "z170-pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z270e gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus viii extreme", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150i pro gaming\\/aura", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus viii hero", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150i pro gaming\\/wifi\\/aura", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-a d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q170m2\\/cdm\\/si", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170m-plus\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "trooper h110 d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250-pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170 pro gaming\\/aura", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime q270m-c", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime z370-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-plus d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "trooper b150 d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime h270-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc427e", scope: "lt", trust: 1, vendor: "siemens", version: "21.01.07", }, { model: "h110m-d\\/exper\\/si", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime z270m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime h110m2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150 pro gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-a\\/m.2", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110t-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-premium", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110s1", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-cs x", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250m-plus\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "ex-b150m-v5", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime z370-p", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150-pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "sabertooth z170 s", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-c\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-c\\/ps", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-k", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-cs\\/br", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus x hero", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus ix code", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "z170-e", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic field pg m3", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "prime b250m-k", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog maximus x apex", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q270m-cm-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc677c", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "h170m-e d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b250-s", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc427d", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "ex-b250m-v5", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "sinumerik pcu50.5-c", scope: "lt", trust: 1, vendor: "siemens", version: "6.2.61.3535", }, { model: "h110m-p\\/dvi", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix b250i gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-c d3", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110t", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b250m-c pro", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "b150m-k", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime h270m-plus", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc547e", scope: "lt", trust: 1, vendor: "siemens", version: "9.1.41.3024", }, { model: "rog strix h270i gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-d", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "manageability engine", scope: "gte", trust: 1, vendor: "intel", version: "10.0.0.0", }, { model: "rog maximus viii impact", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "simatic ipc477e", scope: "lt", trust: 1, vendor: "siemens", version: "21.01.07", }, { model: "ex-b150-v7", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "ex-b150m-v", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250m-c", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "q270-s", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "rog strix z270g gaming", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "prime b250m-j", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "h110m-a", scope: "eq", trust: 1, vendor: "asus", version: null, }, { model: "manageability engine", scope: "eq", trust: 0.9, vendor: "intel", version: "9.0", }, { model: "manageability engine", scope: "eq", trust: 0.9, vendor: "intel", version: "8.0", }, { model: "manageability engine", scope: "eq", trust: 0.9, vendor: "intel", version: "10.0", }, { model: "active management technology", scope: null, trust: 0.8, vendor: "intel", version: null, }, { model: "manageability engine", scope: null, trust: 0.8, vendor: "intel", version: null, }, { model: null, scope: "eq", trust: 0.6, vendor: "manageability engine", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "manageability engine", version: "11.0", }, { model: null, scope: "eq", trust: 0.2, vendor: "manageability engine", version: "11.5", }, { model: null, scope: "eq", trust: 0.2, vendor: "manageability engine", version: "11.6", }, { model: null, scope: "eq", trust: 0.2, vendor: "manageability engine", version: "11.7", }, { model: null, scope: "eq", trust: 0.2, vendor: "manageability engine", version: "11.10", }, { model: null, scope: "eq", trust: 0.2, vendor: "manageability engine", version: "11.20", }, { model: null, scope: "eq", trust: 0.2, vendor: "active management", version: null, }, ], sources: [ { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "CNVD", id: "CNVD-2017-37852", }, { db: "BID", id: "101920", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNNVD", id: "CNNVD-201711-880", }, { db: "NVD", id: "CVE-2017-5712", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:intel:active_management_technology_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:intel:manageability_engine_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2017-010525", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The vendor reported this issue.", sources: [ { db: "BID", id: "101920", }, ], trust: 0.3, }, cve: "CVE-2017-5712", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2017-5712", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2017-37852", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.9 [IVD]", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "VHN-113915", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2017-5712", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2017-5712", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2017-5712", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2017-5712", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2017-37852", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201711-880", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", trust: 0.2, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-113915", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "CNVD", id: "CNVD-2017-37852", }, { db: "VULHUB", id: "VHN-113915", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNNVD", id: "CNNVD-201711-880", }, { db: "NVD", id: "CVE-2017-5712", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. Intel Manageability Engine The Intel Management Engine is Intel's thermal management driver for its desktop family of chipsets. Failed exploits may result in denial-of-service conditions. \nIntel Manageability Engine versions 8.x, 9.x, 10.x, 11.0,11.5, 11.6, 11.7, 11.10, and 11.20 are vulnerable. Intel Xeon Processor E3-1200 and others are CPUs (Central Processing Units) of Intel Corporation. Active Management Technology (AMT) is one of the active management components. The following products and firmware are affected: Intel Manageability Engine Firmware Version 8.x, Version 9.x, Version 10.x, Version 11.0, Version 11.5, Version 11.6, Version 11.7, Version 11.10, Version 11.20; Intel 6th, 7th and 8th Generation Intel Core Processor Family; Intel Xeon Processor E3-1200 v5 and v6 Product Family; Intel Xeon Processor Scalable Family; Intel Xeon Processor W Family; Intel Atom C3000 Processor Family; Apollo Lake Intel Atom Processor E3900 series; Apollo Lake Intel Pentium; Celeron N and J series Processors", sources: [ { db: "NVD", id: "CVE-2017-5712", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNVD", id: "CNVD-2017-37852", }, { db: "BID", id: "101920", }, { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "VULHUB", id: "VHN-113915", }, ], trust: 2.7, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2017-5712", trust: 3.6, }, { db: "BID", id: "101920", trust: 2.6, }, { db: "SECTRACK", id: "1039852", trust: 1.7, }, { db: "SIEMENS", id: "SSA-892715", trust: 1.7, }, { db: "CNNVD", id: "CNNVD-201711-880", trust: 0.9, }, { db: "CNVD", id: "CNVD-2017-37852", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-18-060-01", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2017-010525", trust: 0.8, }, { db: "IVD", id: "E2E06B61-39AB-11E9-9E0B-000C29342CB1", trust: 0.2, }, { db: "VULHUB", id: "VHN-113915", trust: 0.1, }, ], sources: [ { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "CNVD", id: "CNVD-2017-37852", }, { db: "VULHUB", id: "VHN-113915", }, { db: "BID", id: "101920", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNNVD", id: "CNNVD-201711-880", }, { db: "NVD", id: "CVE-2017-5712", }, ], }, id: "VAR-201711-0651", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "CNVD", id: "CNVD-2017-37852", }, { db: "VULHUB", id: "VHN-113915", }, ], trust: 1.48846155, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "CNVD", id: "CNVD-2017-37852", }, ], }, last_update_date: "2024-11-23T21:53:34.178000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "INTEL-SA-00086", trust: 0.8, url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr", }, { title: "NTAP-20171120-0001", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20171120-0001/", }, { title: "Patch for Intel Manageability Engine Buffer Overflow Vulnerability (CNVD-2017-37852)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/111453", }, { title: "Multiple Intel product Intel Manageability Engine Firmware Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=76612", }, ], sources: [ { db: "CNVD", id: "CNVD-2017-37852", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNNVD", id: "CNNVD-201711-880", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-113915", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "NVD", id: "CVE-2017-5712", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00086&languageid=en-fr", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/101920", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf", }, { trust: 1.7, url: "https://security.netapp.com/advisory/ntap-20171120-0001/", }, { trust: 1.7, url: "https://www.asus.com/news/wzeltg5cjyaiwgj0", }, { trust: 1.7, url: "http://www.securitytracker.com/id/1039852", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5712", }, { trust: 0.8, url: "https://www.us-cert.gov/ics/advisories/icsa-18-060-01", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2017-5712", }, { trust: 0.3, url: "http://www.intel.com/content/www/us/en/homepage.html", }, { trust: 0.1, url: "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00086&languageid=en-fr", }, ], sources: [ { db: "CNVD", id: "CNVD-2017-37852", }, { db: "VULHUB", id: "VHN-113915", }, { db: "BID", id: "101920", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNNVD", id: "CNNVD-201711-880", }, { db: "NVD", id: "CVE-2017-5712", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { db: "CNVD", id: "CNVD-2017-37852", }, { db: "VULHUB", id: "VHN-113915", }, { db: "BID", id: "101920", }, { db: "JVNDB", id: "JVNDB-2017-010525", }, { db: "CNNVD", id: "CNNVD-201711-880", }, { db: "NVD", id: "CVE-2017-5712", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2017-12-22T00:00:00", db: "IVD", id: "e2e06b61-39ab-11e9-9e0b-000c29342cb1", }, { date: "2017-12-22T00:00:00", db: "CNVD", id: "CNVD-2017-37852", }, { date: "2017-11-21T00:00:00", db: "VULHUB", id: "VHN-113915", }, { date: "2017-11-20T00:00:00", db: "BID", id: "101920", }, { date: "2017-12-18T00:00:00", db: "JVNDB", id: "JVNDB-2017-010525", }, { date: "2017-11-24T00:00:00", db: "CNNVD", id: "CNNVD-201711-880", }, { date: "2017-11-21T14:29:00.540000", db: "NVD", id: "CVE-2017-5712", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2017-12-22T00:00:00", db: "CNVD", id: "CNVD-2017-37852", }, { date: "2018-05-11T00:00:00", db: "VULHUB", id: "VHN-113915", }, { date: "2017-12-19T22:00:00", db: "BID", id: "101920", }, { date: "2019-07-10T00:00:00", db: "JVNDB", id: "JVNDB-2017-010525", }, { date: "2023-05-23T00:00:00", db: "CNNVD", id: "CNNVD-201711-880", }, { date: "2024-11-21T03:28:16.610000", db: "NVD", id: "CVE-2017-5712", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201711-880", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Intel Manageability Engine Firmware of Active Management Technology Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2017-010525", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201711-880", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.