Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WMI_INTEL-SA-00391.NBIN
HistoryNov 20, 2020 - 12:00 a.m.

Intel Converged Security Management Engine (CSME) Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391)

2020-11-2000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

The Intel Converged Security Management Engine (CSME) on the remote host is affected by multiple vulnerabilities in the Active Management Technology (AMT) feature, including the following:

  • Out-of-bounds write in IPv6 subsystem for Intel® AMT, Intel® ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access. (CVE-2020-8752)

  • Out-of-bounds read in subsystem for Intel® AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access. (CVE-2020-8747)

  • Out-of-bounds read in subsystem for Intel® AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. (CVE-2020-8749)

Note that due to the low-level implementation of Intel ME, Nessus may not be able to identify its version on the remote host at this time.

Binary data wmi_INTEL-SA-00391.nbin
VendorProductVersionCPE
intelactive_management_technology_firmwarecpe:/o:intel:active_management_technology_firmware
intelactive_management_technologycpe:/h:intel:active_management_technology

References

Related

f5 1
openvas 1
cve 3
prion 3
nessus 1
hp 1
intel 1
threatpost 1
f5
f5
K23033557 : Intel software vulnerabilities CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8752, CVE-2020-8753
2020-11-26 00:00:00
openvas
openvas
Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00391)
2020-11-13 00:00:00
cve
cve
CVE-2020-8752
2020-11-12 18:15:00
CVE-2020-8749
2020-11-12 18:15:00
CVE-2020-8747
2020-11-12 18:15:00
prion
prion
Information disclosure
2020-11-12 18:15:00
Design/Logic Flaw
2020-11-12 18:15:00
Design/Logic Flaw
2020-11-12 18:15:00
nessus
nessus
Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391) (remote check)
2020-11-20 00:00:00
hp
hp
HPSBHF03703 rev. 4 - Intel® 2020.2 IPU - CSME, SPS, TXE, AMT, and DAL Security Update
2020-11-09 00:00:00
intel
intel
2020.2 IPU – Intel® CSME, SPS, TXE, and AMT Advisory
2022-05-12 00:00:00
threatpost
threatpost
Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs
2020-11-10 20:59:04
JSON
Related for WMI_INTEL-SA-00391.NBIN
f51openvas1cve3prion3nessus1hp1intel1threatpost1