NVD Vulnerability Detail
Search Exploit, PoC
CVE-2017-5691
Summary

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.

Publication Date July 27, 2017, 12:29 a.m.
Registration Date Jan. 26, 2021, 1:26 p.m.
Last Update Nov. 21, 2024, 12:28 p.m.
CVSS3.0 : CRITICAL
スコア 9.0
Vector CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
攻撃元区分(AV) ネットワーク
攻撃条件の複雑さ(AC)
攻撃に必要な特権レベル(PR)
利用者の関与(UI)
影響の想定範囲(S) 変更あり
機密性への影響(C)
完全性への影響(I)
可用性への影響(A)
CVSS2.0 : HIGH
Score 9.3
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
攻撃元区分(AV) ネットワーク
攻撃条件の複雑さ(AC)
攻撃前の認証要否(Au) 不要
機密性への影響(C)
完全性への影響(I)
可用性への影響(A)
Get all privileges. いいえ
Get user privileges いいえ
Get other privileges いいえ
User operation required はい
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:o:intel:nuc7i3bnk_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:nuc7i3bnk:-:*:*:*:*:*:*:*
Configuration2 or higher or less more than less than
cpe:2.3:o:intel:nuc7i5bnk_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:nuc7i5bnk:-:*:*:*:*:*:*:*
Configuration3 or higher or less more than less than
cpe:2.3:o:intel:nuc7i7bnh_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:nuc7i7bnh:-:*:*:*:*:*:*:*
Configuration4 or higher or less more than less than
cpe:2.3:o:intel:stk2mv64cc_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:stk2mv64cc:-:*:*:*:*:*:*:*
Configuration5 or higher or less more than less than
cpe:2.3:o:intel:stk2m3w64cc_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:stk2m3w64cc:-:*:*:*:*:*:*:*
Configuration6 or higher or less more than less than
cpe:2.3:o:intel:nuc6i7kyk_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:nuc6i7kyk:-:*:*:*:*:*:*:*
Configuration7 or higher or less more than less than
cpe:2.3:o:intel:nuc6i3syk_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:nuc6i3syk:-:*:*:*:*:*:*:*
Configuration8 or higher or less more than less than
cpe:2.3:o:intel:nuc6i5syk_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:nuc6i5syk:-:*:*:*:*:*:*:*
Configuration9 or higher or less more than less than
cpe:2.3:o:intel:r1304sposhor_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:r1304sposhor:-:*:*:*:*:*:*:*
Configuration10 or higher or less more than less than
cpe:2.3:o:intel:r1304sposhorr_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:r1304sposhorr:-:*:*:*:*:*:*:*
Configuration11 or higher or less more than less than
cpe:2.3:o:intel:r1208sposhorr_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:r1208sposhorr:-:*:*:*:*:*:*:*
Configuration12 or higher or less more than less than
cpe:2.3:o:intel:lr1304spcfg1r_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:lr1304spcfg1r:-:*:*:*:*:*:*:*
Configuration13 or higher or less more than less than
cpe:2.3:o:intel:r1208sposhor_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:r1208sposhor:-:*:*:*:*:*:*:*
Configuration14 or higher or less more than less than
cpe:2.3:o:intel:s1200spsr_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:s1200spsr:-:*:*:*:*:*:*:*
Configuration15 or higher or less more than less than
cpe:2.3:o:intel:s1200spor_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:s1200spor:-:*:*:*:*:*:*:*
Configuration16 or higher or less more than less than
cpe:2.3:o:intel:lr1304spcfg1_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:lr1304spcfg1:-:*:*:*:*:*:*:*
Configuration17 or higher or less more than less than
cpe:2.3:o:intel:s1200spl_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:s1200spl:-:*:*:*:*:*:*:*
Configuration18 or higher or less more than less than
cpe:2.3:o:intel:s1200spo_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:s1200spo:-:*:*:*:*:*:*:*
Configuration19 or higher or less more than less than
cpe:2.3:o:intel:s1200sps_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:s1200sps:-:*:*:*:*:*:*:*
Configuration20 or higher or less more than less than
cpe:2.3:o:intel:r1304sposhbn_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:r1304sposhbn:-:*:*:*:*:*:*:*
Configuration21 or higher or less more than less than
cpe:2.3:o:intel:s1200splr_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:s1200splr:-:*:*:*:*:*:*:*
Configuration22 or higher or less more than less than
cpe:2.3:o:intel:r1304sposhbnr_bios:-:*:*:*:*:*:*:*
execution environment
1 cpe:2.3:h:intel:r1304sposhbnr:-:*:*:*:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List
JVN Vulnerability Information
Intel プロセッサにおける認可・権限・アクセス制御に関する脆弱性
Title Intel プロセッサにおける認可・権限・アクセス制御に関する脆弱性
Summary

Intel プロセッサには、認可・権限・アクセス制御に関する脆弱性が存在します。

Possible impacts 情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution

ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date July 25, 2017, midnight
Registration Date Sept. 7, 2017, 2:14 p.m.
Last Update Sept. 7, 2017, 2:14 p.m.
Affected System
インテル
Intel Compute Stick STK2m3w64CC 
Intel Compute Stick STK2mv64CC 
Intel NUC Kit NUC6i3SYK 
Intel NUC Kit NUC6i5SYK 
Intel NUC Kit NUC6i7KYK 
Intel NUC Kit NUC7i3BNK 
Intel NUC Kit NUC7i5BNK 
Intel NUC Kit NUC7i7BNH 
Intel Server Board S1200SPL 
Intel Server Board S1200SPLR 
Intel Server Board S1200SPO 
Intel Server Board S1200SPOR 
Intel Server Board S1200SPS 
Intel Server Board S1200SPSR 
Intel Server System LR1304SPCFG1 
Intel Server System LR1304SPCFG1R 
Intel Server System R1208SPOSHOR 
Intel Server System R1208SPOSHORR 
Intel Server System R1304SPOSHBN 
Intel Server System R1304SPOSHBNR 
Intel Server System R1304SPOSHOR 
Intel Server System R1304SPOSHORR 
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
No Changed Details Date of change
0 [2017年09月07日]
  掲載		 Feb. 17, 2018, 10:37 a.m.