Improper Authentication in Intel AMT Firmware Leading to Potential Privilege Escalation
CVE-2022-29893

8.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Amt
Vendor: CVE Published:; 11 November 2022

What is CVE-2022-29893?

The Intel AMT firmware contains an improper authentication vulnerability that could allow an authenticated user to exploit the system via unauthorized network access, potentially enabling escalation of privileges. This issue affects multiple versions of Intel AMT firmware, posing a significant risk to system security and integrity, especially in environments where sensitive data is at stake.

Affected Version(s)

Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2022
Vulnerability Reserved
May 11, 2022