cve/2017/CVE-2017-5689.md

### [CVE-2017-5689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689)
![](https://img.shields.io/static/v1?label=Product&message=Intel%20Active%20Mangement%20Technology%2C%20Intel%20Small%20Business%20Technology%2C%20Intel%20Standard%20Manageability&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Escalation%20of%20Privilege&color=brighgreen)

### Description

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).

### POC

#### Reference
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability

#### Github
- https://github.com/0x00er/ShodanOSINT
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/AidoWedo/Awesome-Honeypots
- https://github.com/BIOS-iEngineer/HUANANZHI-X99-F8
- https://github.com/BIOS-iEngineer/HUANANZHI-X99-TF
- https://github.com/Bijaye/intel_amt_bypass
- https://github.com/CerberusSecurity/CVE-2017-5689
- https://github.com/ChoKyuWon/amt_auth_bypass
- https://github.com/Correia-jpv/fucking-awesome-honeypots
- https://github.com/Hackinfinity/Honey-Pots-
- https://github.com/Mehedi-Babu/Shodan_dork
- https://github.com/Mehedi-Babu/honeypots_cyber
- https://github.com/Milkmange/ShodanOSINT
- https://github.com/Nieuport/-awesome-honeypots-
- https://github.com/Ondrik8/-Security
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Pasyware/Honeypot_Projects
- https://github.com/RootUp/AutoSploit
- https://github.com/Shirshakhtml/Useful-Dorks
- https://github.com/SnowflAI/ShodanOSINT
- https://github.com/SoumyaJas2324/-jakejarvis-awesome-shodan-queries-
- https://github.com/TheWay-hue/CVE-2017-5689-Checker
- https://github.com/aprendeDELOShackers/Dorking
- https://github.com/baonq-me/cve2017-5689
- https://github.com/bartblaze/Disable-Intel-AMT
- https://github.com/birdhan/SecurityProduct
- https://github.com/birdhan/Security_Product
- https://github.com/embedi/amt_auth_bypass_poc
- https://github.com/eric-erki/awesome-honeypots
- https://github.com/exxncatin/ShodanOSINT
- https://github.com/flyingfishfuse/Intel_IME_WebUI_bypass
- https://github.com/haxrob/amthoneypot
- https://github.com/intel/INTEL-SA-00075-Linux-Detection-And-Mitigation-Tools
- https://github.com/investlab/Awesome-honeypots
- https://github.com/krishpranav/autosploit
- https://github.com/lnick2023/nicenice
- https://github.com/lothos612/shodan
- https://github.com/mjg59/mei-amt-check
- https://github.com/nixawk/labs
- https://github.com/nullfuzz-pentest/shodan-dorks
- https://github.com/oneplus-x/MS17-010
- https://github.com/paralax/awesome-honeypots
- https://github.com/paulocmarques/HUANANZHI-X99-F8
- https://github.com/paulveillard/cybersecurity-honeypots
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/qince1455373819/awesome-honeypots
- https://github.com/r3p3r/paralax-awesome-honeypots
- https://github.com/referefref/referefref
- https://github.com/sagervrma/ShodanOSINT
- https://github.com/sankitanitdgp/san_honeypot_resources
- https://github.com/scriptzteam/Awesome-Shodan-Queries
- https://github.com/scriptzteam/Shodan-Dorks
- https://github.com/syedhafiz1234/honeypot-list
- https://github.com/t666/Honeypot
- https://github.com/thecatdidit/HPEliteBookTools
- https://github.com/tristisranae/shodan_queries
- https://github.com/vikipetrov96/HUANANZHI-X99-TF
- https://github.com/webshell1414/honey
- https://github.com/wisoez/Awesome-honeypots
- https://github.com/x1sec/amthoneypot
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2017-5689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5689)`
			`![](https://img.shields.io/static/v1?label=Product&message=Intel%20Active%20Mangement%20Technology%2C%20Intel%20Small%20Business%20Technology%2C%20Intel%20Standard%20Manageability&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Escalation%20of%20Privilege&color=brighgreen)`

			`### Description`

			`An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).`

			`### POC`

			`#### Reference`
			`- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html`
			`- https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability`

			`#### Github`
			`- https://github.com/0x00er/ShodanOSINT`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/ARPSyndicate/kenzer-templates`
			`- https://github.com/AidoWedo/Awesome-Honeypots`
			`- https://github.com/BIOS-iEngineer/HUANANZHI-X99-F8`
			`- https://github.com/BIOS-iEngineer/HUANANZHI-X99-TF`
			`- https://github.com/Bijaye/intel_amt_bypass`
			`- https://github.com/CerberusSecurity/CVE-2017-5689`
			`- https://github.com/ChoKyuWon/amt_auth_bypass`
			`- https://github.com/Correia-jpv/fucking-awesome-honeypots`
			`- https://github.com/Hackinfinity/Honey-Pots-`
			`- https://github.com/Mehedi-Babu/Shodan_dork`
			`- https://github.com/Mehedi-Babu/honeypots_cyber`
			`- https://github.com/Milkmange/ShodanOSINT`
			`- https://github.com/Nieuport/-awesome-honeypots-`
			`- https://github.com/Ondrik8/-Security`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/Pasyware/Honeypot_Projects`
			`- https://github.com/RootUp/AutoSploit`
			`- https://github.com/Shirshakhtml/Useful-Dorks`
			`- https://github.com/SnowflAI/ShodanOSINT`
			`- https://github.com/SoumyaJas2324/-jakejarvis-awesome-shodan-queries-`
			`- https://github.com/TheWay-hue/CVE-2017-5689-Checker`
			`- https://github.com/aprendeDELOShackers/Dorking`
			`- https://github.com/baonq-me/cve2017-5689`
			`- https://github.com/bartblaze/Disable-Intel-AMT`
			`- https://github.com/birdhan/SecurityProduct`
			`- https://github.com/birdhan/Security_Product`
			`- https://github.com/embedi/amt_auth_bypass_poc`
			`- https://github.com/eric-erki/awesome-honeypots`
			`- https://github.com/exxncatin/ShodanOSINT`
			`- https://github.com/flyingfishfuse/Intel_IME_WebUI_bypass`
			`- https://github.com/haxrob/amthoneypot`
			`- https://github.com/intel/INTEL-SA-00075-Linux-Detection-And-Mitigation-Tools`
			`- https://github.com/investlab/Awesome-honeypots`
			`- https://github.com/krishpranav/autosploit`
			`- https://github.com/lnick2023/nicenice`
			`- https://github.com/lothos612/shodan`
			`- https://github.com/mjg59/mei-amt-check`
			`- https://github.com/nixawk/labs`
			`- https://github.com/nullfuzz-pentest/shodan-dorks`
			`- https://github.com/oneplus-x/MS17-010`
			`- https://github.com/paralax/awesome-honeypots`
			`- https://github.com/paulocmarques/HUANANZHI-X99-F8`
			`- https://github.com/paulveillard/cybersecurity-honeypots`
			`- https://github.com/qazbnm456/awesome-cve-poc`
			`- https://github.com/qince1455373819/awesome-honeypots`
			`- https://github.com/r3p3r/paralax-awesome-honeypots`
			`- https://github.com/referefref/referefref`
			`- https://github.com/sagervrma/ShodanOSINT`
			`- https://github.com/sankitanitdgp/san_honeypot_resources`
			`- https://github.com/scriptzteam/Awesome-Shodan-Queries`
			`- https://github.com/scriptzteam/Shodan-Dorks`
			`- https://github.com/syedhafiz1234/honeypot-list`
			`- https://github.com/t666/Honeypot`
			`- https://github.com/thecatdidit/HPEliteBookTools`
			`- https://github.com/tristisranae/shodan_queries`
			`- https://github.com/vikipetrov96/HUANANZHI-X99-TF`
			`- https://github.com/webshell1414/honey`
			`- https://github.com/wisoez/Awesome-honeypots`
			`- https://github.com/x1sec/amthoneypot`
			`- https://github.com/xbl3/awesome-cve-poc_qazbnm456`