CVE-2017-5691

9CRITICAL

Key Information:

Vendor
Intel
Status
6th And 7th Generation Intel Core Processor Families, Intel Xeon E3-1500m V5 And V6 Processor Families, And Intel Xeon E3-1200 V5 And V6 Product Families.
Vendor
CVE Published:
26 July 2017

Summary

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.

Affected Version(s)

6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families. 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Processor Families, and Intel Xeon E3-1200 v5 and v6 Product Families.

References

https://security-center.intel.com/advisory.aspx?intelid=I...
x_refsource_CONFIRM
https://support.lenovo.com/us/en/product_security/LEN-15184
x_refsource_CONFIRM
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLo...
x_refsource_CONFIRM

CVSS V3.1

Score:
9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.