Security ID : NAS-201711-29
Security Advisory for Intel ME, SPS, TXE
Release date : November 29, 2017
CVE identifier : CVE-2017-5705 | CVE-2017-5706 | CVE-2017-5707 | CVE-2017-5708 | CVE-2017-5709 | CVE-2017-5710 | CVE-2017-5711 | CVE-2017-5712
Affected products: None
Severity
Moderate
Status
Resolved
Summary
Multiple vulnerabilities were recently found in Intel Management Engine (ME), Server Platform Service (SPS), and Trusted Execution Engine (TXE). If exploited, these vulnerabilities may allow local attackers to execute arbitrary codes on the system.
As of posting, QNAP has verified that none of our NAS products are affected. Intel is still releasing more information about this issue. We will update this advisory once we gain more information from Intel.
Revision History:
V1.1 (December 14, 2017) - Updated affected products and summary
V1.0 (November 29, 2017) - Published
