Insufficient Input Validation in Intel AMT Affects Network Security
CVE-2019-0094

4.3MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Active Management Technology (amt)
Vendor: CVE Published:; 17 May 2019

Summary

An insufficient input validation vulnerability exists within the subsystem for Intel Active Management Technology (AMT), which can allow an unauthenticated user to potentially leverage this flaw to enable a denial of service. This risk is present primarily when the attacker has access to the local network, emphasizing the need for robust security measures to mitigate this threat. Users and organizations should ensure their Intel AMT systems are updated to the latest versions to safeguard against potential exploitation.

Affected Version(s)

Intel(R) Active Management Technology (AMT) Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://support.f5.com/csp/article/K84591451

x_refsource_CONFIRM

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 17, 2019
Vulnerability Reserved
Nov 13, 2018