1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Intel AMT Privilege Escalation CVE-2017-5689

Web Attack: Intel AMT Privilege Escalation CVE-2017-5689

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a privilege escalation vulnerability in Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).

Additional Information

Multiple Intel products are prone to a privilege-escalation vulnerability. Specifically, the issue exists in the manageability features of the affected products.

An unprivileged network or local attacker can exploit this issue to gain system privileges on Intel manageability SKUs.

Note #1: This vulnerability does not exist on Intel-based consumer PCs.

Note #2: Network attack affects Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).

Note #3: Local attack affects Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

Affected

  • Lenovo ThinkStation S30 0
  • Lenovo Thinkstation P910 0
  • Lenovo ThinkStation P900 0
  • Lenovo Thinkstation P710 0
  • Lenovo ThinkStation P700 0
  • Lenovo Thinkstation P510 0
  • Lenovo ThinkStation P500 0
  • Lenovo Thinkstation P410 0
  • Lenovo ThinkStation P310 0
  • Lenovo ThinkStation P300 0
  • Lenovo ThinkStation E32 0
  • Lenovo ThinkStation E31 0
  • Lenovo ThinkStation E20 0
  • Lenovo ThinkStation D30 0
  • Lenovo ThinkStation C30 0
  • Lenovo ThinkServer TS550 0
  • Lenovo ThinkServer TS540 0
  • Lenovo ThinkServer TS440 0
  • Lenovo ThinkServer TS250 0
  • Lenovo ThinkServer TS240 0
  • Lenovo ThinkServer TS200v 0
  • Lenovo ThinkServer TS150 0
  • Lenovo ThinkServer TS140 0
  • Lenovo ThinkPad Yoga 370 0
  • Lenovo ThinkPad X260 0
  • Lenovo ThinkPad X240s 0
  • Lenovo ThinkPad X240 0
  • Lenovo ThinkPad W550s 0
  • Lenovo ThinkPad W530 0
  • Lenovo ThinkPad W520 0
  • Lenovo ThinkPad T560 0
  • Lenovo ThinkPad T550 0
  • Lenovo ThinkPad T470p 0
  • Lenovo ThinkPad T460s 0
  • Lenovo ThinkPad T460p 0
  • Lenovo ThinkPad T460 0
  • Lenovo ThinkPad T450s 0
  • Lenovo ThinkPad T440p 0
  • Lenovo ThinkPad T431s 0
  • Lenovo ThinkPad T430s 0
  • Lenovo ThinkPad S430 0
  • Lenovo ThinkPad S1 Yoga 12 0
  • Lenovo ThinkPad P70 0
  • Lenovo ThinkPad P51 0
  • Lenovo ThinkPad P50s 0
  • Lenovo ThinkPad P50 0
  • Lenovo ThinkPad L570 0
  • Lenovo ThinkPad L560 0
  • Lenovo ThinkPad L470 0
  • Lenovo ThinkPad L460 0
  • Lenovo Thinkcentre Merton M81 0
  • Lenovo ThinkCentre M93z 0
  • Lenovo ThinkCentre M92Z 0
  • Lenovo ThinkCentre M910z 0
  • Lenovo ThinkCentre M910x 0
  • Lenovo ThinkCentre M910t 0
  • Lenovo ThinkCentre M910s 0
  • Lenovo ThinkCentre M910q 0
  • Lenovo ThinkCentre M90z 0
  • Lenovo ThinkCentre M900Z 0
  • Lenovo ThinkCentre M900 0
  • Lenovo ThinkCentre M83 (Tiny) 0
  • Lenovo ThinkCentre M83 0
  • Lenovo ThinkCentre M800 0
  • Lenovo ThinkCentre M710q 0
  • Lenovo ThinkCentre M700 Tiny 0
  • Lenovo ThinkCentre Edge92 0
  • Lenovo ThinkCentre E63z (AIO) FQKT33A
  • Intel Standard Manageability 9.5
  • Intel Standard Manageability 9.1
  • Intel Standard Manageability 9.0
  • Intel Standard Manageability 8.1
  • Intel Standard Manageability 8.0
  • Intel Standard Manageability 7.1
  • Intel Standard Manageability 7.0
  • Intel Standard Manageability 6.2
  • Intel Standard Manageability 6.1
  • Intel Standard Manageability 6.0
  • Intel Standard Manageability 11.6
  • Intel Standard Manageability 11.5
  • Intel Standard Manageability 11.0
  • Intel Standard Manageability 10.0
  • Intel Small Business Technology 9.5
  • Intel Small Business Technology 9.1
  • Intel Small Business Technology 9.0
  • Intel Small Business Technology 8.1
  • Intel Small Business Technology 8.0
  • Intel Small Business Technology 7.1
  • Intel Small Business Technology 7.0
  • Intel Small Business Technology 6.2
  • Intel Small Business Technology 6.1
  • Intel Small Business Technology 6.0
  • Intel Small Business Technology 11.6
  • Intel Small Business Technology 11.5
  • Intel Small Business Technology 11.0
  • Intel Small Business Technology 10.0
  • Intel Active Management Technology 9.5
  • Intel Active Management Technology 9.1
  • Intel Active Management Technology 9.0
  • Intel Active Management Technology 8.1
  • Intel Active Management Technology 8.0
  • Intel Active Management Technology 7.1
  • Intel Active Management Technology 7.0
  • Intel Active Management Technology 6.2
  • Intel Active Management Technology 6.1
  • Intel Active Management Technology 6.0
  • Intel Active Management Technology 11.6
  • Intel Active Management Technology 11.5
  • Intel Active Management Technology 11.0
  • Intel Active Management Technology 10.0
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube