CVE-2017-5698
Description
Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Intel AMT/SMB/SBT firmware anti-rollback flaw lets local admins upgrade to a vulnerable version (11.6.x.1xxx) affected by CVE-2017-5689.
Vulnerability
Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) firmware versions 11.0.25.3001 and 11.0.26.3000 contain an anti-rollback protection bypass vulnerability. The firmware does not prevent upgrading to version 11.6.x.1xxx, which is known to be vulnerable to CVE-2017-5689 [1]. This enables a downgrade-style attack that bypasses the intended rollback prevention mechanism.
Exploitation
A local user with administrative privileges can perform the upgrade to the vulnerable 11.6.x.1xxx firmware [1]. The attacker must have physical or remote administrative access to the system. No user interaction beyond the attacker's own privileges is required; the attacker directly initiates the firmware upgrade process.
Impact
Successful exploitation leads to the system being placed in a state where it is susceptible to CVE-2017-5689, which allows arbitrary code execution with kernel or System Management Mode (SMM) privileges [1]. The attacker effectively bypasses firmware integrity protections, gaining a persistent foothold at the firmware level.
Mitigation
Intel has published guidance and recommends updating to firmware versions that are not affected by this anti-rollback bypass [1]. Affected users should apply the latest firmware updates available from their system manufacturer (OEM) to remove the vulnerable 11.6.x.1xxx upgrade path. If no OEM update is available, organizations should restrict administrative access to trusted users only.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: 11.0.25.3001, 11.0.26.3000
- Range: 11.0.25.3001, 11.0.26.3000
- Range: 11.0.25.3001, 11.0.26.3000
- Intel Corporation/Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technologyv5Range: version 11.0.25.3001 and 11.0.26.3000
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- security-center.intel.com/advisory.aspxnvdVendor Advisory
News mentions
0No linked articles in our index yet.