CVE-2017-5691 Information

Description

Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families Intel Xeon E3-1500M v5 and v6 Product Families and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Reference

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesb3p03767en_us https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr https://support.lenovo.com/us/en/product_security/LEN-15184

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.0