PT-2020-4734 · Intel · Intel Ism+1
Published
2020-11-10
·
Updated
2023-05-22
·
CVE-2020-8754
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Intel(R) AMT, Intel(R) ISM versions before 11.8.80
Intel(R) AMT, Intel(R) ISM versions before 11.12.80
Intel(R) AMT, Intel(R) ISM versions before 11.22.80
Intel(R) AMT, Intel(R) ISM versions before 12.0.70
Intel(R) AMT, Intel(R) ISM versions before 14.0.45
Description:
The issue is related to an out-of-bounds read in the subsystem for Intel(R) AMT and Intel(R) ISM, which may allow an unauthenticated user to potentially enable information disclosure via network access. This could allow a remote attacker to gain unauthorized access to protected information.
Recommendations:
For versions before 11.8.80, update to version 11.8.80 or later.
For versions before 11.12.80, update to version 11.12.80 or later.
For versions before 11.22.80, update to version 11.22.80 or later.
For versions before 12.0.70, update to version 12.0.70 or later.
For versions before 14.0.45, update to version 14.0.45 or later.
Fix
Out of bounds Read
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Intel Amt
Intel Ism