Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2017-5706

Published: 21/11/2017 Updated: 11/05/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Intel

Vulnerability Summary

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

Vulnerable Product Search on Vulmon Subscribe to Product

intel server platform services firmware 4.0

Recent Articles

Intel Management Engine pwned by buffer overflow
The Register • Thomas Claburn in San Francisco • 06 Dec 2017

Security researchers lift lid on snafu at Black Hat Europe

On Wednesday, in a presentation at Black Hat Europe, Positive Technologies security researchers Mark Ermolov and Maxim Goryachy plan to explain the firmware flaws they found in Intel Management Engine 11, along with a warning that vendor patches for the vulnerability may not be enough. Two weeks ago, the pair received thanks from Intel for working with the company to disclose the bugs responsibility. At the time, Chipzilla published 10 vulnerability notices affecting its Management Engine (ME), ...

Read more...

References

CWE-119https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-frhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttps://security.netapp.com/advisory/ntap-20171120-0001/http://www.securityfocus.com/bid/101906http://www.securitytracker.com/id/1039955https://twitter.com/PTsecurity_UK/status/938447926128291842https://www.asus.com/News/wzeltG5CjYaIwGJ0https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_ushttps://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdfhttps://nvd.nist.govhttps://www.theregister.co.uk/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook