Out-of-Bounds Read Vulnerability in Intel AMT Versions
CVE-2020-8749

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Amt
Vendor: CVE Published:; 12 November 2020

Summary

An out-of-bounds read vulnerability exists in Intel's Active Management Technology (AMT) that impacts various versions released prior to 11.8.80, 11.12.80, 11.22.80, 12.0.70, and 14.0.45. This flaw may allow an unauthenticated user to execute access to potentially sensitive information, which could result in privilege escalation through adjacent access. Users and organizations utilizing affected versions are recommended to apply updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20201113-0003/

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2020
Vulnerability Reserved
Feb 6, 2020