Improper Access Control in Intel AMT and Intel Standard Manageability
CVE-2022-28697

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Amt And Intel(r) Standard Manageability
Vendor: CVE Published:; 18 August 2022

What is CVE-2022-28697?

An improper access control issue exists in the firmware for Intel AMT and Intel Standard Manageability. This vulnerability can potentially allow an unauthenticated user to escalate privileges by gaining physical access to the affected devices. It emphasizes the importance of securing physical access to systems utilizing these technologies to mitigate potential threats.

Affected Version(s)

Intel(R) AMT and Intel(R) Standard Manageability See references

References

https://www.intel.com/content/www/us/en/security-center/a...

https://security.netapp.com/advisory/ntap-20221014-0004/

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 18, 2022
Vulnerability Reserved
Jun 9, 2022