VDB
CVE-2017-5712
CVE-2017-5712
PUBLISHED
CVSS 7.199999809265137 HIGH
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.
EPSS 2.44% · 85.5th percentile
Risk Scores
CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
2.44%
85.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| asus | rog_maximus_ix_code_firmware | |
| asus | prime_b250m-j_firmware | |
| siemens | simatic_itp1000_firmware | 0 |
| asus | h110m-c\/ps_firmware | |
| asus | h110m-e\/m.2_firmware | |
| intel | manageability_engine_firmware | 8.0.0.0, 11.6, 9.0.0.0 |
| asus | rog_strix_z270e_gaming_firmware | |
| asus | rog_maximus_viii_extreme_firmware | |
| asus | h110m-c2_firmware | |
| asus | h110m-plus_firmware | |
| asus | ex-b250m-v5_firmware | |
| asus | prime_h270m-plus_firmware | |
| asus | z170_pro_gaming_firmware | |
| asus | prime_b250m-plus_firmware | |
| asus | rog_maximus_x_code_firmware | |
| asus | h170m-e_d3_firmware | |
| Intel Corporation | Active Management Technology | 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 |
| asus | h110m-k_d3_firmware | |
| asus | z170-p_d3_firmware | |
| asus | q170m2_firmware |
…and 179 more
Exploit Intelligence
- ROCA attack on vulnerability CVE-2017-15361 (github-poc)
- ROCA attack on vulnerability CVE-2017-15361 (github-poc)
- ROCA attack on vulnerability CVE-2017-15361 (github-poc)
- ROCA attack on vulnerability CVE-2017-15361 (github-poc)
- ROCA attack on vulnerability CVE-2017-15361 (github-poc)
- Reimplementation of CVE-2017-15361 checker in C (github-poc)
- Reimplementation of CVE-2017-15361 checker in C (github-poc)
- Reimplementation of CVE-2017-15361 checker in C (github-poc)
- Reimplementation of CVE-2017-15361 checker in C (github-poc)
- Reimplementation of CVE-2017-15361 checker in C (github-poc)
…and 26 more exploits
Timeline
- Nov 20, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 13, 2023 EPSS Score
References
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-470231.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-168644.pdf advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf advisory
- http://www.securityfocus.com/bid/101920 url
- https://security.netapp.com/advisory/ntap-20171120-0001/ url
- 1039852 vdb
- https://www.asus.com/News/wzeltG5CjYaIwGJ0 url
- https://nvd.nist.gov/vuln/detail/CVE-2017-5712 advisory
- https://security.netapp.com/advisory/ntap-20171120-0001 url