Lucene search
K
IntelActive Management Technology Firmware*

20 matches found

CVE
CVE
added 2022/11/11 3:48 p.m.574 views

CVE-2021-33159

Intel AMT vulnerability CVE-2021-33159 stems from improper authentication in the AMT subsystem, enabling a privileged user to escalate privileges via local access. Affected firmware versions include AMT before 11.8.93, 11.12.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, and 16.1.25. Red Hat and other ...

7.4CVSS6.7AI score0.00178EPSS
CVE
CVE
added 2022/11/11 3:48 p.m.147 views

CVE-2022-26845

CVE-2022-26845 affects Intel AMT firmware. Improper authentication may allow an unauthenticated network-access user to escalate privileges. Affected AMT/CSME/SPS firmware versions include before 11.8.93, 11.12.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25. Remediation per PT-2022-18096 and Int...

9.8CVSS9.7AI score0.00565EPSS
CVE
CVE
added 2020/11/12 6:9 p.m.132 views

CVE-2020-8747

CVE-2020-8747 is an out-of-bounds read in the Intel AMT subsystem (and related CSME/ISM/TXE components) affecting Intel AMT/CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. The issue can enable information disclosure and/or denial of service via network access by an unauthen...

9.1CVSS8.7AI score0.01675EPSS
CVE
CVE
added 2020/11/12 6:5 p.m.131 views

CVE-2020-8752

CVE-2020-8752 affects Intel AMT/ISM IPv6 subsystem: out-of-bounds write in IPv6 can allow unauthenticated privilege escalation via network access on Intel AMT/ISM firmware versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45. Intel INTEL-SA-00391 describes mitigation; affected products i...

9.8CVSS9.5AI score0.01634EPSS
CVE
CVE
added 2022/02/09 10:4 p.m.127 views

CVE-2021-33068

CVE-2021-33068 is a null pointer dereference in the Intel AMT subsystem. Intel SPS/AMT/PMC chipset firmware before certain versions may allow an authenticated remote attacker to cause a denial-of-service via network access. Public documents from NVD/Intel/Red Hat/IBM describe affected components ...

6.5CVSS6.2AI score0.0084EPSS
CVE
CVE
added 2022/08/18 12:0 a.m.125 views

CVE-2022-30601

The CVE-2022-30601 entry concerns Intel AMT and Intel Standard Manageability. The issue is described as insufficiently protected credentials, which could allow an unauthenticated user to disclose information and escalate privileges via network access. Affected components cited in multiple sources...

9.8CVSS9.3AI score0.00779EPSS
CVE
CVE
added 2020/11/12 6:9 p.m.123 views

CVE-2020-8749

CVE-2020-8749 is an Intel AMT/CSME-related issue described as an out-of-bounds read in the AMT subsystem that may let an unauthenticated, adjacent user escalate privileges. Affected are Intel AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. The CVE is part of a broader set of...

8.8CVSS9.2AI score0.01118EPSS
CVE
CVE
added 2022/08/18 12:0 a.m.120 views

CVE-2022-28697

CVE-2022-28697 affects firmware in Intel(R) AMT and Intel(R) Standard Manageability. The issue is improper access control that may allow an unauthenticated user to escalate privileges via physical access. CVSSv3.1 metrics indicate physical attack vector, no privileges required, with high confiden...

6.8CVSS8.2AI score0.00351EPSS
CVE
CVE
added 2022/08/18 12:0 a.m.114 views

CVE-2022-30944

CVE-2022-30944 affects Intel AMT and Intel Standard Manageability. Insufficiently protected credentials may allow a privileged user to disclose information via local access. The CVE is rated with a Local attack vector and High confidentiality impact (CVSSv3.1: 5.5). Multiple connected sources ref...

5.5CVSS6.6AI score0.00187EPSS
CVE
CVE
added 2020/11/12 6:9 p.m.113 views

CVE-2020-12356

CVE-2020-12356 is an Intel AMT/CSME vulnerability (Out-of-bounds read) that affects AMT/ISM/CSME subsystems prior to specific builds: versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. The issue can allow a privileged user to disclose information via local access; CVSS3.1 vector in...

4.4CVSS5.1AI score0.0038EPSS
CVE
CVE
added 2020/11/12 6:8 p.m.111 views

CVE-2020-8754

Intel AMT/ISM subsystem contains an out-of-bounds read vulnerability (CVE-2020-8754) that could allow unauthenticated information disclosure over the network. Affected versions include Intel AMT/ISM before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. Intel’s advisory and vendor advisories in...

7.5CVSS7.1AI score0.01458EPSS
CVE
CVE
added 2020/11/12 6:9 p.m.108 views

CVE-2020-8746

CVE-2020-8746 concerns Intel AMT/CSME subsystem integer overflow that could allow a remote unauthenticated actor to cause denial of service via adjacent access. Connected sources confirm the issue affects Intel AMT/CSME/ISM stack versions before specific fixes (11.8.82/11.12.82/11.22.82/12.0.70/1...

6.5CVSS7.8AI score0.00869EPSS
CVE
CVE
added 2020/11/12 6:5 p.m.108 views

CVE-2020-8753

CVE-2020-8753 is an out-of-bounds read vulnerability in the DHCP subsystem of Intel AMT/ISM (and related components in the Intel CSME/SPS/TXE/SO CSME stack). Affected versions are Intel AMT/ISM before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. The flaw may allow an unauthenticated attacker...

7.5CVSS8AI score0.01478EPSS
CVE
CVE
added 2020/11/12 6:7 p.m.108 views

CVE-2020-8757

CVE-2020-8757 involves an out-of-bounds read in the Intel AMT subsystem that can allow a privileged local user to escalate privileges. Affected: Intel AMT/CSME family before versions 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 (and related AMT/ISM components per Intel advisories). Root cause...

6.7CVSS6.8AI score0.00412EPSS
CVE
CVE
added 2022/11/11 3:48 p.m.108 views

CVE-2022-29893

The CVE-2022-29893 issue is in Intel® AMT firmware and stems from improper authentication, potentially allowing an authenticated user to escalate privileges over the network. Affected AMT versions include prior to 11.8.93, 11.12.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, and 16.1.25. Reported base ...

8.8CVSS8.8AI score0.00575EPSS
CVE
CVE
added 2020/11/12 6:8 p.m.107 views

CVE-2020-8760

CVE-2020-8760 is an Intel AMT/CSME-related issue described as an integer overflow in the subsystem affecting AMT/CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45. The vulnerability may allow a privileged user to escalate privileges via local access. Public sources in connected d...

7.8CVSS7.8AI score0.00414EPSS
CVE
CVE
added 2018/09/12 7:0 p.m.106 views

CVE-2018-3616

CVE-2018-3616 is a Bleichenbacher-style side-channel vulnerability in the TLS implementation of Intel AMT/CSME firmware prior to 12.0.5. An unauthenticated attacker could potentially obtain the TLS session key over the network. Public-internal sources confirm impact on Intel AMT/CSME (TLS) with C...

5.9CVSS5.9AI score0.02388EPSS
CVE
CVE
added 2022/11/11 3:48 p.m.105 views

CVE-2022-27497

The CVE-2022-27497 issue is a null pointer dereference in Intel® AMT firmware prior to versions 11.8.93, 11.12.93, 11.22.93, 12.0.92, 14.1.67, 15.0.42, and 16.1.25 that may allow an unauthenticated remote attacker to cause a denial of service via network access. Public sources (Intel IPU advisory...

8.6CVSS7.4AI score0.00654EPSS
CVE
CVE
added 2018/09/12 7:0 p.m.96 views

CVE-2018-3658

CVE-2018-3658 affects Intel AMT in Intel CSME firmware prior to 12.0.5. The issue is described as multiple memory leaks that may allow an unauthenticated, Intel AMT-provisioned user to cause a partial denial of service over the network. Remediation: upgrade to the latest Intel CSME firmware versi...

5.3CVSS5.4AI score0.03303EPSS
CVE
CVE
added 2018/09/12 7:0 p.m.94 views

CVE-2018-3657

CVE-2018-3657 affects Intel AMT in Intel CSME firmware prior to 12.0.5, enabling a local attacker with high privileges to potentially execute arbitrary code with AMT execution rights via local access. The issue is described across multiple sources (NVD entry and related advisories) with a CVSSv3 ...

7.2CVSS6.7AI score0.00582EPSS