CVE-2017-5698

Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
intelactive_management_technology_firmware
11.0.25.3001
intelactive_management_technology_firmware
11.0.26.3000
intelmanageability_engine_firmware
11.0.25.3001
intelmanageability_engine_firmware
11.0.26.3000
intelsmall_business_technology_firmware
11.0.25.3001
intelsmall_business_technology_firmware
11.0.26.3000
𝑥
= Vulnerable software versions
References
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00082&languageid=en-fr
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00082&languageid=en-fr