SB2017112203 - Arbitrary code execution in Intel Manageability Firmware
Published: November 22, 2017
Security Bulletin ID: SB2017112203
Severity: High
Patch available: NO
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Code execution
Description
This security bulletin contains information about 4 security vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2017-5705)
The vulnerability allows a local attacker to execute arbitrary code on the target system. The weakness exists due to multiple buffer overflows in the kernel. A local attacker can send a specially crafted request, trigger memory corruption, execute arbitrary code and compromise the vulnerable system.
2) Buffer overflow (CVE-ID: CVE-2017-5708)
The vulnerability allows a local attacker to execute arbitrary code on the target system. The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
3) Buffer overflow (CVE-ID: CVE-2017-5711)
The vulnerability allows a local attacker to execute arbitrary code on the target system. The weakness exists due to multiple buffer overflows in Active Management Technology (AMT). A local attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
4) Buffer overflow (CVE-ID: CVE-2017-5712)
The vulnerability allows a remote administrator to execute arbitrary code on the target system. The weakness exists due to a buffer overflow in Active Management Technology (AMT). A remote attacker with access to the system can send a specially crafted request, trigger memory corruption, execute arbitrary code with AMT execution privilege and compromise the vulnerable system.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.