An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a NULL HTTP Digest response, to bypass authentication.

Note that the vulnerability is only exploitable remotely if either Active Management Technology (AMT), Intel Standard Manageability (ISM), or Small Business Technology (SBT) is enabled. However, a local attacker can still exploit the vulnerability even if these components are disabled by simply re-enabling the components.

The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and according to its self-reported version in the banner, it is running Intel manageability firmware version 6.x prior to 6.2.61.3535, 7.x prior to 7.1.91.3272, 8.x prior to 8.1.71.3608, 9.0.x or 9.1.x prior to 9.1.41.3024, 9.5.x prior to 9.5.61.3012, 10.0.x prior to 10.0.55.3000, 11.0.18.x prior to 11.0.18.3003, 11.0.22.x prior to 11.0.22.3001, 11.0.x prior to 11.0.25.3001, 11.6.12.x prior to 11.6.12.3202, or else 11.5.x or 11.6.x prior to 11.6.27.3264. It is, therefore, affected by a remote code execution vulnerability due to insecure read and write operations. An unauthenticated, remote attacker can exploit this to execute arbitrary code.

Note that the vulnerability is only exploitable remotely if either Active Management Technology (AMT), Intel Standard Manageability (ISM), or Small Business Technology (SBT) is enabled. However, a local attacker can still exploit the vulnerability even if these components are disabled by simply re-enabling the components.

The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled and is running Intel manageability firmware version 6.x prior to 6.2.61.3535, 7.x prior to 7.1.91.3272, 8.x prior to 8.1.71.3608, 9.0.x or 9.1.x prior to 9.1.41.3024, 9.5.x prior to 9.5.61.3012, 10.0.x prior to 10.0.55.3000, 11.0.18.x prior to 11.0.18.3003, 11.0.22.x prior to 11.0.22.3001, 11.0.x prior to 11.0.25.3001, 11.6.10.x prior to 11.6.10.3197, 11.6.12.x prior to 11.6.12.3202, or else 11.5.x or 11.6.x prior to 11.6.27.3264. It is, therefore, affected by a remote code execution vulnerability due to insecure read and write operations. An unauthenticated, remote attacker can exploit this to execute arbitrary code.

Note that the vulnerability is only exploitable remotely if either Active Management Technology (AMT), Intel Standard Manageability (ISM), or Small Business Technology (SBT) is enabled. However, a local attacker can still exploit the vulnerability even if these components are disabled by simply re-enabling the components.

Also, note that due to the low-level implementation of Intel ME, Nessus may not be able to identify its version on the remote host at this time.

Versions of Intel Active Management Technology 11.5.x and 11.6.x prior to 11.6.27.3264 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 11.0.x prior to 11.0.25.3001 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 10.x prior to 10.0.55.3000 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 9.5.x prior to 9.5.61.3012 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 9.x prior to 9.1.41.3024 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 8.x prior to 8.1.71.3608 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 7.x prior to 7.1.91.3272 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

Versions of Intel Active Management Technology 6.x prior to 6.2.61.3535 are affected by a flaw that is triggered as it insecurely performs read and write operations. This may allow a remote attacker to potentially execute arbitrary code depending on the Intel software installed, or a local attacker to gain privileges in other configurations.

ID	Name	Product	Family	Severity
97999	Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check)	Nessus	Web Servers	critical
97998	Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075) (remote check)	Nessus	Web Servers	critical
97997	Intel Management Engine Insecure Read / Write Operations RCE (INTEL-SA-00075)	Nessus	Windows	critical
700085	Intel Active Management Technology 11.5.x / 11.6.x < 11.6.27.3264 RCE	Nessus Network Monitor	Generic	critical
700084	Intel Active Management Technology 11.0.x < 11.0.25.3001 RCE	Nessus Network Monitor	Generic	critical
700083	Intel Active Management Technology 10.x < 10.0.55.3000 RCE	Nessus Network Monitor	Generic	critical
700082	Intel Active Management Technology 9.5.x < 9.5.61.3012 RCE	Nessus Network Monitor	Generic	critical
700081	Intel Active Management Technology 9.x < 9.1.41.3024 RCE	Nessus Network Monitor	Generic	critical
700080	Intel Active Management Technology 8.x < 8.1.71.3608 RCE	Nessus Network Monitor	Generic	critical
700079	Intel Active Management Technology 7.x < 7.1.91.3272 RCE	Nessus Network Monitor	Generic	critical
700071	Intel Active Management Technology 6.x < 6.2.61.3535 RCE	Nessus Network Monitor	Generic	critical

Detections

Analytics

CVE-2017-5689

critical

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical