7 matches found
CVE-2020-8758
CVE-2020-8758 affects Intel AMT/ISM: improper buffer restrictions in the network subsystem may allow escalation of privilege. In provisioned systems, an unauthenticated attacker on the network can potentially escalate privileges; on un-provisioned systems, an authenticated user may escalate via l...
CVE-2020-8752
CVE-2020-8752 affects Intel AMT/ISM IPv6 subsystem: out-of-bounds write in IPv6 can allow unauthenticated privilege escalation via network access on Intel AMT/ISM firmware versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45. Intel INTEL-SA-00391 describes mitigation; affected products i...
CVE-2022-30601
The CVE-2022-30601 entry concerns Intel AMT and Intel Standard Manageability. The issue is described as insufficiently protected credentials, which could allow an unauthenticated user to disclose information and escalate privileges via network access. Affected components cited in multiple sources...
CVE-2022-28697
CVE-2022-28697 affects firmware in Intel(R) AMT and Intel(R) Standard Manageability. The issue is improper access control that may allow an unauthenticated user to escalate privileges via physical access. CVSSv3.1 metrics indicate physical attack vector, no privileges required, with high confiden...
CVE-2022-30944
CVE-2022-30944 affects Intel AMT and Intel Standard Manageability. Insufficiently protected credentials may allow a privileged user to disclose information via local access. The CVE is rated with a Local attack vector and High confidentiality impact (CVSSv3.1: 5.5). Multiple connected sources ref...
CVE-2020-8754
Intel AMT/ISM subsystem contains an out-of-bounds read vulnerability (CVE-2020-8754) that could allow unauthenticated information disclosure over the network. Affected versions include Intel AMT/ISM before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. Intel’s advisory and vendor advisories in...
CVE-2020-8753
CVE-2020-8753 is an out-of-bounds read vulnerability in the DHCP subsystem of Intel AMT/ISM (and related components in the Intel CSME/SPS/TXE/SO CSME stack). Affected versions are Intel AMT/ISM before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45. The flaw may allow an unauthenticated attacker...