Is CVE-2017-5689 known to be exploited?

Yes. CVE-2017-5689 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-01-28), indicating it is being actively exploited. 82 public proof-of-concept repositories are indexed.

Vulnerability in Intel Corporation Active Mangement Technology, Small Business Standard Manageability

CVE-2017-5689

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageab…

EPSS: 0.942 (99.9th percentile) — read the EPSS interpretation.

Affected products

Intel Corporation Active Mangement Technology, Small Business Standard Manageability — versions fixed in versions 6.2.61.3535, 7.1.91.3272, 8.1.71.3608, 9.1.41.3024, 10.0.55.3000, 11.0.25.3001, and 11.6.27.3264 and later

CISA KEV (Known Exploited Vulnerabilities)

This CVE is on the CISA KEV catalog, added on 2022-01-28. CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.

BOD 22-01 due date: 2022-07-28.

Required action: Apply updates per vendor instructions.

Public proof-of-concept exploits

References

www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability (x_refsource_MISC)
downloadmirror.intel.com/26754/eng/INTEL-SA-00075 Mitigation Guide-Rev 1.1.pdf (x_refsource_CONFIRM)
98269 (vdb-entry, x_refsource_BID)
1038385 (vdb-entry, x_refsource_SECTRACK)
security.netapp.com/advisory/ntap-20170509-0001/ (x_refsource_CONFIRM)
www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf (x_refsource_MISC)
security-center.intel.com/advisory.aspx (x_refsource_CONFIRM)
h20566.www2.hpe.com/hpsc/doc/public/display (x_refsource_CONFIRM)
www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html (x_refsource_CONFIRM)
www.embedi.com/news/mythbusters-cve-2017-5689 (x_refsource_MISC)

Frequently asked questions

What is CVE-2017-5689?: CVE-2017-5689 is a vulnerability in Intel Corporation Active Mangement Technology, Small Business Standard Manageability. Published 2017-05-02.
Is CVE-2017-5689 known to be exploited?: Yes. CVE-2017-5689 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-01-28), indicating it is being actively exploited. 82 public proof-of-concept repositories are indexed.