CRITICAL✓ PATCH🇬🇧 English

CVE-2020-8758

CVSS 9.8v3.1pub. 2020-09-10upd. 2024-11-21

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Intel Active Management Technology Firmware

    OS
    Intel
    11.8 – 11.8.79 (bez)11.12 – 11.12.79 (bez)11.22 – 11.22.79 (bez)12.0 – 12.0.68 (bez)14.0 – 14.0.39 (bez)
  • Intel Standard Manageability

    APP
    Intel
    11.8 – 11.8.79 (bez)11.12 – 11.12.79 (bez)11.22 – 11.22.79 (bez)12.0 – 12.0.68 (bez)14.0 – 14.0.39 (bez)
  • Netapp Steelstore Cloud Integrated Storage

    APP
    Netapp
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2017-5689CRITICAL9.8⚠ KEVten sam produkt

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel A...

CVE-2022-30601CRITICAL9.8ten sam produkt

Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthe...

CVE-2020-8752CRITICAL9.8ten sam produkt

Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22....

CVE-2020-8747CRITICAL9.1ten sam produkt

Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0...

CVE-2020-0594CRITICAL9.8ten sam produkt

Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22...