ByteOS Network

Vulnerability Details :

CVE-2017-5706

Assigner-intel

Assigner Org ID-6dda929c-bb53-4a77-a76d-48e79601a1ce

Published At-21 Nov, 2017 | 14:00

Updated At-17 Sep, 2024 | 04:13

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:intel

Assigner Org ID:6dda929c-bb53-4a77-a76d-48e79601a1ce

Published At:21 Nov, 2017 | 14:00

Updated At:17 Sep, 2024 | 04:13

▼CVE Numbering Authority (CNA)

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

Affected Products

Vendor

Intel Corporation

Product

Server Platform Services

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	Elevation of Privilege

Type: text

CWE ID: N/A

Description: Elevation of Privilege

References

Hyperlink	Resource
http://www.securityfocus.com/bid/101906	vdb-entry x_refsource_BID
https://security.netapp.com/advisory/ntap-20171120-0001/	x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us	x_refsource_CONFIRM
http://www.securitytracker.com/id/1039955	vdb-entry x_refsource_SECTRACK
https://twitter.com/PTsecurity_UK/status/938447926128291842	x_refsource_MISC
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	x_refsource_CONFIRM
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr	x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf	x_refsource_CONFIRM
https://www.asus.com/News/wzeltG5CjYaIwGJ0	x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/101906

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://security.netapp.com/advisory/ntap-20171120-0001/

Resource:

x_refsource_CONFIRM

Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securitytracker.com/id/1039955

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: https://twitter.com/PTsecurity_UK/status/938447926128291842

Resource:

x_refsource_MISC

Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Resource:

x_refsource_CONFIRM

Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Resource:

x_refsource_CONFIRM

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf

Resource:

x_refsource_CONFIRM

Hyperlink: https://www.asus.com/News/wzeltG5CjYaIwGJ0

Resource:

x_refsource_CONFIRM

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.securityfocus.com/bid/101906	vdb-entry x_refsource_BID x_transferred
https://security.netapp.com/advisory/ntap-20171120-0001/	x_refsource_CONFIRM x_transferred
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us	x_refsource_CONFIRM x_transferred
http://www.securitytracker.com/id/1039955	vdb-entry x_refsource_SECTRACK x_transferred
https://twitter.com/PTsecurity_UK/status/938447926128291842	x_refsource_MISC x_transferred
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	x_refsource_CONFIRM x_transferred
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr	x_refsource_CONFIRM x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf	x_refsource_CONFIRM x_transferred
https://www.asus.com/News/wzeltG5CjYaIwGJ0	x_refsource_CONFIRM x_transferred

Hyperlink: http://www.securityfocus.com/bid/101906

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: https://security.netapp.com/advisory/ntap-20171120-0001/

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securitytracker.com/id/1039955

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: https://twitter.com/PTsecurity_UK/status/938447926128291842

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://www.asus.com/News/wzeltG5CjYaIwGJ0

Resource:

x_refsource_CONFIRM

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secure@intel.com

Published At:21 Nov, 2017 | 14:29

Updated At:20 Apr, 2025 | 01:37

Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 3.0

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 7.2

Base severity: HIGH

Vector:

AV:L/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

Intel Corporation

>>server_platform_services_firmware>>4.0

cpe:2.3:o:intel:server_platform_services_firmware:4.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	secure@intel.com	Issue Tracking Patch Third Party Advisory
http://www.securityfocus.com/bid/101906	secure@intel.com	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039955	secure@intel.com	Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf	secure@intel.com	N/A
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr	secure@intel.com	Issue Tracking Vendor Advisory
https://security.netapp.com/advisory/ntap-20171120-0001/	secure@intel.com	Issue Tracking Third Party Advisory Tool Signature
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us	secure@intel.com	N/A
https://twitter.com/PTsecurity_UK/status/938447926128291842	secure@intel.com	N/A
https://www.asus.com/News/wzeltG5CjYaIwGJ0	secure@intel.com	N/A
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Patch Third Party Advisory
http://www.securityfocus.com/bid/101906	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039955	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf	af854a3a-2127-422b-91ae-364da2661108	N/A
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Vendor Advisory
https://security.netapp.com/advisory/ntap-20171120-0001/	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory Tool Signature
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us	af854a3a-2127-422b-91ae-364da2661108	N/A
https://twitter.com/PTsecurity_UK/status/938447926128291842	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.asus.com/News/wzeltG5CjYaIwGJ0	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: secure@intel.com

Resource:

Issue Tracking

Patch

Third Party Advisory

Hyperlink: http://www.securityfocus.com/bid/101906

Source: secure@intel.com

Resource:

Third Party Advisory

VDB Entry

Hyperlink: http://www.securitytracker.com/id/1039955

Source: secure@intel.com

Resource:

Third Party Advisory

VDB Entry

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf

Source: secure@intel.com

Resource: N/A

Hyperlink: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Source: secure@intel.com

Resource:

Issue Tracking

Vendor Advisory

Hyperlink: https://security.netapp.com/advisory/ntap-20171120-0001/

Source: secure@intel.com

Resource:

Issue Tracking

Third Party Advisory

Tool Signature

Hyperlink: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03798en_us

Source: secure@intel.com

Resource: N/A

Hyperlink: https://twitter.com/PTsecurity_UK/status/938447926128291842

Source: secure@intel.com

Resource: N/A

Hyperlink: https://www.asus.com/News/wzeltG5CjYaIwGJ0

Source: secure@intel.com

Resource: N/A

Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html