PT-2020-3964 · Intel · Intel Ism +1
Yaakov Cohen +2 · Published 2020-09-10 · Updated 2023-05-22 · CVE-2020-8758
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Intel(R) AMT versions prior to 11.8.79
Intel(R) AMT versions prior to 11.12.79
Intel(R) AMT versions prior to 11.22.79
Intel(R) AMT versions prior to 12.0.68
Intel(R) AMT versions prior to 14.0.39
Intel(R) ISM versions prior to 11.8.79
Intel(R) ISM versions prior to 11.12.79
Intel(R) ISM versions prior to 11.22.79
Intel(R) ISM versions prior to 12.0.68
Intel(R) ISM versions prior to 14.0.39
Description:
The issue is related to improper buffer restrictions in the network subsystem of Intel(R) AMT and Intel(R) ISM, which may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access. The vulnerability is associated with a buffer overflow in memory, which can be exploited by a remote attacker to elevate their privileges.
Recommendations:
For Intel(R) AMT versions prior to 11.8.79, update to version 11.8.79 or later.
For Intel(R) AMT versions prior to 11.12.79, update to version 11.12.79 or later.
For Intel(R) AMT versions prior to 11.22.79, update to version 11.22.79 or later.
For Intel(R) AMT versions prior to 12.0.68, update to version 12.0.68 or later.
For Intel(R) AMT versions prior to 14.0.39, update to version 14.0.39 or later.
For Intel(R) ISM versions prior to 11.8.79, update to version 11.8.79 or later.
For Intel(R) ISM versions prior to 11.12.79, update to version 11.12.79 or later.
For Intel(R) ISM versions prior to 11.22.79, update to version 11.22.79 or later.
For Intel(R) ISM versions prior to 12.0.68, update to version 12.0.68 or later.
For Intel(R) ISM versions prior to 14.0.39, update to version 14.0.39 or later.
Fix
Buffer Overflow
Affected Products
Intel Amt
Intel Ism