CVE-2017-5698

EUVD-2017-14775
Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
intelactive_management_technology_firmware
11.0.25.3001
intelactive_management_technology_firmware
11.0.26.3000
intelmanageability_engine_firmware
11.0.25.3001
intelmanageability_engine_firmware
11.0.26.3000
intelsmall_business_technology_firmware
11.0.25.3001
intelsmall_business_technology_firmware
11.0.26.3000
𝑥
= Vulnerable software versions
References
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00082&languageid=en-fr
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00082&languageid=en-fr