Insufficient Input Validation in Intel AMT Subsystem
CVE-2019-0097

4.9MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Active Management Technology (amt)
Vendor: CVE Published:; 17 May 2019

Summary

An insufficient input validation vulnerability exists in the Intel AMT subsystem which may allow a privileged user to exploit the flaw and potentially enable a denial of service through network access. This could impact system availability for users leveraging Intel's Active Management Technology. Users are advised to upgrade their software to the latest version to mitigate this risk.

Affected Version(s)

Intel(R) Active Management Technology (AMT) Versions before 12.0.35.

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://support.f5.com/csp/article/K84591451

x_refsource_CONFIRM

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 17, 2019
Vulnerability Reserved
Nov 13, 2018