Multiple Privilege Escalations in Intel Manageability Engine Firmware
CVE-2017-5708

7.8HIGH

Key Information:

Vendor
Intel
Status
Manageability Engine
Vendor
CVE Published:
21 November 2017

Summary

Multiple privilege escalation vulnerabilities exist in the Intel Manageability Engine Firmware across various versions. These vulnerabilities may allow unauthorized processes to access privileged information and functionalities through unspecified vectors, potentially compromising the integrity of the system.

Affected Version(s)

Manageability Engine 11.0/11.5/11.6/11.7/11.10/11.20

References

http://www.securityfocus.com/bid/101921
vdb-entryx_refsource_BID
https://security.netapp.com/advisory/ntap-20171120-0001/
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039852
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.