CVE-2017-5710

Name of the Vulnerable Software and Affected Versions Intel Trusted Execution Engine Firmware version 3.0

Description The issue concerns multiple privilege escalations in the kernel of Intel Trusted Execution Engine Firmware. These escalations can allow an unauthorized process to access privileged content. The problem is related to buffer overflow and insufficient access control restrictions in the Intel Trusted Execution Engine (TXE) subsystem of the Platform Controller Hub (PCH) microchip family, which acts as a south bridge. Exploitation of these issues can enable an attacker to elevate their privileges.

Recommendations For Intel Trusted Execution Engine Firmware version 3.0, consider restricting access to sensitive areas of the firmware to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.