HTTP: Intel Active Management Technology Remote Privilege Escalation
This signature detects attempts to exploit a known vulnerability in Intel Active Management Technology (AMT) and the Intel Standard Manageability (ISM) and Intel Small Business Technology (SBT) variants. Successful exploitation allows an unprivileged attacker to gain administrative privileges over the management component of the target system.
Extended Description
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
Affected Products
Intel active_management_technology_firmware
References
CVE: CVE-2017-5689
Short Name
HTTP:INTEL-AMT-PE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Active CVE-2017-5689 Escalation Intel Management Privilege Remote Technology
Release Date
05/18/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Intel
CVSS Score
10.0