CVE: CVE-2017-5697

Export to Word

Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users web clicks via attacker's crafted web page.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00209
Percentile: 0.43547

CVSS Scoring

CVSS v3.1 Score: 6.5

Severity: MEDIUM

Mapped CWE(s)

CWE-1021 : Improper Restriction of Rendered UI Layers or Frames

All CAPEC(s)

CAPEC-103: Clickjacking
CAPEC-181: Flash File Overlay
CAPEC-222: iFrame Overlay
CAPEC-504: Task Impersonation
CAPEC-506: Tapjacking
CAPEC-587: Cross Frame Scripting (XFS)
CAPEC-654: Credential Prompt Impersonation

CAPEC(s) with Mapped TTPs

CAPEC-504: Task Impersonation
Mapped TTPs:
- T1036.004 : Masquerade Task or Service
CAPEC-654: Credential Prompt Impersonation
Mapped TTPs:
- T1056 : Input Capture
- T1548.004 : Elevated Execution with Prompt

Mapped ATT&CK TTPs

T1036.004 : Masquerade Task or Service
Kill Chain: defense-evasion
T1056 : Input Capture
Kill Chain: collection
T1548.004 : Elevated Execution with Prompt
Kill Chain: privilege-escalation

Malware

APTs Threat Group Associations

Campaigns

APT41 DUST
SolarWinds Compromise
RedDelta Modified PlugX Infection Chain Operations
Versa Director Zero Day Exploitation
Frankenstein
Leviathan Australian Intrusions
C0017
2022 Ukraine Electric Power Attack
KV Botnet Activity

Affected Products

cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*

← Back to Home