CVE-2017-5689

Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

Yes

*KEV

Decision

Act

*SSVC

Descriptions

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

Un atacante de red sin privilegios podría alcanzar privilegios del sistema para aprovisionar SKUs de administrabilidad Intel: Intel Active Management Technology (AMT) e Intel Standard Manageability (ISM). Un atacante local sin privilegios podría aprovisionar características de administrabilidad alcanzando privilegios de red o sistema local no privilegiados en SKUs de administrabilidad de Intel: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) e Intel Small Business Technology (SBT).

A potential security vulnerability has been identified in HPE ML10 Gen 9 Server using Intel Xeon E3-1200 v5 Processor. The vulnerability could be remotely exploited to allow access restriction bypass. **Note:** On May 1st, 2017, Intel disclosed a new vulnerability with their Intel Manageability Firmware which is utilized on some systems containing Intel processors. This vulnerability allows an unprivileged network or local attacker to gain control of the remote manageability features of Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) platforms. Do not attempt to upgrade the ME FW without following the instructions detailed in the Resolution section. Refer to the "Platform Specific Information" section in the Resolution for more specific information on upgrades for specific ProLiant servers. Revision 1 of this advisory.

Intel products contain a vulnerability which can allow attackers to perform privilege escalation.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Act

Exploitation

Active

Automatable

Yes

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2017-02-01 CVE Reserved
2017-05-02 CVE Published
2017-05-04 First Exploit
2022-01-28 Exploited in Wild
2022-07-28 KEV Due Date
2025-02-07 CVE Updated
2025-05-14 EPSS Updated

CWE

CWE-269: Improper Privilege Management

CAPEC

References (21)

URL	Tag	Source
http://www.securityfocus.com/bid/98269	Third Party Advisory
http://www.securitytracker.com/id/1038385	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-874235.pdf	Third Party Advisory
https://downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdf	Broken Link
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03754en_us	Third Party Advisory
https://security.netapp.com/advisory/ntap-20170509-0001	Third Party Advisory
https://www.embedi.com/news/mythbusters-cve-2017-5689	Third Party Advisory
https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability	Technical Description
http://web.archive.org/web/20191225124314/https://www.embedi.com/news/what-you-need-know-about-intel-amt-vulnerability
http://web.archive.org/web/20250208090258/https://www.intel.com/content/www/us/en/security-center/default.html?intelid=INTEL-SA-00075

URL	Date	SRC
https://packetstorm.news/files/id/181118	2024-09-01
https://www.exploit-db.com/exploits/43385	2018-01-08
https://github.com/CerberusSecurity/CVE-2017-5689	2017-05-04
https://github.com/TheWay-hue/CVE-2017-5689-Checker	2021-07-14
https://github.com/haxrob/amthoneypot	2024-09-21
https://github.com/Bijaye/intel_amt_bypass	2022-03-07
https://github.com/embedi/amt_auth_bypass_poc	2024-07-20
https://github.com/MlSebrell/amthoneypot	2021-08-26
https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf	2025-02-07

URL	Date	SRC
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	2020-02-18
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr	2020-02-18

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				6.0 Search vendor "Intel" for product "Active Management Technology Firmware" and version "6.0"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				6.1 Search vendor "Intel" for product "Active Management Technology Firmware" and version "6.1"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				6.2 Search vendor "Intel" for product "Active Management Technology Firmware" and version "6.2"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				7.0 Search vendor "Intel" for product "Active Management Technology Firmware" and version "7.0"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				7.1 Search vendor "Intel" for product "Active Management Technology Firmware" and version "7.1"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				8.0 Search vendor "Intel" for product "Active Management Technology Firmware" and version "8.0"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				8.1 Search vendor "Intel" for product "Active Management Technology Firmware" and version "8.1"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				9.0 Search vendor "Intel" for product "Active Management Technology Firmware" and version "9.0"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				9.1 Search vendor "Intel" for product "Active Management Technology Firmware" and version "9.1"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				9.5 Search vendor "Intel" for product "Active Management Technology Firmware" and version "9.5"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				10.0 Search vendor "Intel" for product "Active Management Technology Firmware" and version "10.0"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				11.0 Search vendor "Intel" for product "Active Management Technology Firmware" and version "11.0"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				11.5 Search vendor "Intel" for product "Active Management Technology Firmware" and version "11.5"		-		Affected
Intel Search vendor "Intel"		Active Management Technology Firmware Search vendor "Intel" for product "Active Management Technology Firmware"				11.6 Search vendor "Intel" for product "Active Management Technology Firmware" and version "11.6"		-		Affected