SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Lenovo PC Vendors:   Lenovo
(Lenovo Issues Fix for Lenovo PC) Intel Management Engine Multiple Flaws Let Remote Authenticated Users and Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1039854
SecurityTracker URL:  http://securitytracker.com/id/1039854
CVE Reference:   CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, CVE-2017-5712   (Links to External Site)
Date:  Nov 21 2017
Impact:   Execution of arbitrary code via local system, Execution of arbitrary code via network, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Intel Management Engine. A remote authenticated user can obtain elevated privileges on the target system. A local user can obtain elevated privileges on the target system. Lenovo PC is affected.

A local user can trigger a buffer overflow in the Intel Management Engine (ME) kernel to execute arbitrary code on the target system [CVE-2017-5705].
A local user can exploit an unspecified flaw in the Intel ME kernel to access privileged content on the target system [CVE-2017-5708].

A local user can trigger buffer overflows in the Intel ME kernel to execute arbitrary code with AMT privileges on the target system [CVE-2017-5711].

On hardware systems that have enabled Flash Descriptor write protections, a physically local user can exploit the vulnerabilities in CVE-2017-5705, CVE-2017-5708, and CVE-2017-5711. On systems that have not enabled Flash Descriptor write protections, a local user without physical access can exploit those vulnerabilities.

A remote authenticated user with Admin privileges can trigger a buffer overflow in the Intel ME kernel to execute arbitrary code with AMT privileges on the target system [CVE-2017-5712].

The following processor series are affected:

6th, 7th, and 8th Generation Intel Core
Intel Xeon Processor E3-1200 v5 and v6
Intel Xeon Processor Scalable
Intel Xeon Processor W
Intel Atom C3000 Processor
Apollo Lake Intel Atom Processor E3900 series
Apollo Lake Intel Pentium
Celeron N and J series Processors

[Editor's note: The Intel Trusted Execution Engine (TXE) and Intel Server Platform Services (SPS) products are affected by separate vulnerabilities.]

Mark Ermolov and Maxim Goryachy from Positive Technologies Research reported one of these vulnerabilities.

Impact:   A remote authenticated user can obtain elevated privileges on the target system.

A local user can obtain elevated privileges on the target system.

Solution:   Lenovo has issued a fix for CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, and CVE-2017-5712 for Lenovo PC.

Some of the Desktop, Desktop - All in One, IdeaPad/Lenovo Notebook, System x - Lenovo, ThinkPad, ThinkStation, and ThinkSystem product lines are affected. A patch matrix is available in the Lenovo advisory.

The Lenovo advisory is available at:

https://support.lenovo.com/us/en/product_security/len-17297

Vendor URL:  support.lenovo.com/us/en/product_security/len-17297 (Links to External Site)
Cause:   Boundary error, Not specified

Message History:   This archive entry is a follow-up to the message listed below.
Nov 21 2017 Intel Management Engine Multiple Flaws Let Remote Authenticated Users and Local Users Gain Elevated Privileges



 Source Message Contents

Subject:  https://support.lenovo.com/us/en/product_security/len-17297

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC