Critical severity9.8CISA KEVNVD Advisory· Published May 2, 2017· Updated Apr 22, 2026
CVE-2017-5689
CVE-2017-5689
Description
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Affected products
51- cpe:2.3:o:hpe:proliant_ml10_gen9_server_firmware:5.0:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:11.5:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:11.6:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:6.2:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:9.1:*:*:*:*:*:*:*
- cpe:2.3:o:intel:active_management_technology_firmware:9.5:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_field_pg_m3_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_field_pg_m4_firmware:*:*:*:*:*:*:*:*Range: <18.01.06
- cpe:2.3:o:siemens:simatic_field_pg_m5_firmware:*:*:*:*:*:*:*:*Range: <22.01.03
- cpe:2.3:o:siemens:simatic_ipc427d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_ipc427e_firmware:*:*:*:*:*:*:*:*Range: <21.01.05
cpe:2.3:o:siemens:simatic_ipc477d_firmware:-:*:*:*:-:*:*:*+ 1 more
- cpe:2.3:o:siemens:simatic_ipc477d_firmware:-:*:*:*:-:*:*:*
- cpe:2.3:o:siemens:simatic_ipc477d_firmware:-:*:*:*:pro:*:*:*
- cpe:2.3:o:siemens:simatic_ipc477e_firmware:*:*:*:*:*:*:*:*Range: <21.01.05
- cpe:2.3:o:siemens:simatic_ipc547d_firmware:*:*:*:*:*:*:*:*Range: <7.1.91.3272
- cpe:2.3:o:siemens:simatic_ipc547e_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_ipc547g_firmware:*:*:*:*:*:*:*:*Range: <11.0.26.3000
- cpe:2.3:o:siemens:simatic_ipc627c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_ipc627d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_ipc647c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_ipc647d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_ipc677c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_ipc677d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_ipc827c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_ipc827d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_ipc847c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_ipc847d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_itp1000_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
cpe:2.3:o:siemens:simatic_pcs_7_ipc427e_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:siemens:simatic_pcs_7_ipc427e_firmware:*:*:*:*:*:*:*:*range: <21.01.04
- cpe:2.3:o:siemens:simatic_pcs_7_ipc427e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_pcs_7_ipc477d_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_pcs_7_ipc547d_firmware:*:*:*:*:*:*:*:*Range: <7.1.91.3272
- cpe:2.3:o:siemens:simatic_pcs_7_ipc547e_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_pcs_7_ipc547g_firmware:*:*:*:*:*:*:*:*Range: <11.0.26.3000
- cpe:2.3:o:siemens:simatic_pcs_7_ipc627c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_pcs_7_ipc647c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_pcs_7_ipc647d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simatic_pcs_7_ipc677c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_pcs_7_ipc847c_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
- cpe:2.3:o:siemens:simatic_pcs_7_ipc847d_firmware:*:*:*:*:*:*:*:*Range: <9.1.41.3024
- cpe:2.3:o:siemens:simotion_p320-4_s_firmware:*:*:*:*:*:*:*:*Range: <17.02.06.83.1
- cpe:2.3:o:siemens:sinumerik_pcu50.5-p_firmware:*:*:*:*:*:*:*:*Range: <6.2.61.3535
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlnvdPatchThird Party Advisory
- security-center.intel.com/advisory.aspxnvdPatchVendor Advisory
- www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdfnvdBroken LinkExploitTechnical DescriptionThird Party Advisory
- www.securityfocus.com/bid/98269nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038385nvdBroken LinkThird Party AdvisoryVDB Entry
- cert-portal.siemens.com/productcert/pdf/ssa-874235.pdfnvdThird Party Advisory
- h20566.www2.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
- security.netapp.com/advisory/ntap-20170509-0001/nvdThird Party Advisory
- www.embedi.com/news/mythbusters-cve-2017-5689nvdBroken LinkThird Party Advisory
- www.tenable.com/blog/rediscovering-the-intel-amt-vulnerabilitynvdTechnical DescriptionThird Party Advisory
- downloadmirror.intel.com/26754/eng/INTEL-SA-00075%20Mitigation%20Guide-Rev%201.1.pdfnvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.