关联漏洞
标题:
多款Intel产品安全漏洞
(CVE-2017-5689)
描述:Intel Management Engine(ME)是美国英特尔(Intel)公司的一个管理引擎,能够远程管理计算机。Intel Active Management Technology (AMT)、Intel Standard Manageability (ISM)和Intel Small Business Technology (SBT)都是其中的组件。 多款Intel产品中存在安全漏洞。攻击者可利用该漏洞获取系统权限。以下产品受到影响:Intel Active Management Technol
描述
Intel Active Management platforms are susceptible to authentication bypass. A non-privileged network attacker can gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability. A non-privileged local attacker can provision manageability features, gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology. The issue has been observed in versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 for all three platforms. Versions before 6 and after 11.6 are not impacted.
文件快照
id: CVE-2017-5689
info:
name: Intel Active Management - Authentication Bypass
author: pdteam
...
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。