CVE-2017-5689

Name of the Vulnerable Software and Affected Versions Intel Active Management Technology (AMT) versions (affected versions not specified) Intel Standard Manageability (ISM) versions (affected versions not specified) Intel Small Business Technology (SBT) versions (affected versions not specified)

Description The issue allows an unprivileged network attacker to gain system privileges on Intel manageability SKUs, including Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could also provision manageability features, gaining unprivileged network or local system privileges on Intel manageability SKUs, including Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). The vulnerability is related to weaknesses in the authentication procedure of the web server module implementing Intel Active Management Technology. Exploitation of the vulnerability may allow a remote attacker to gain access to the device by sending specially crafted HTTP requests.

Recommendations As a temporary workaround, consider disabling the Management Engine (ME) function until a patch is available. Restrict access to the vulnerable Intel Active Management Technology (AMT) module to minimize the risk of exploitation. Avoid using the AMT feature in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.