PT-2020-4744 · Intel · Intel Amt Sdk

Published

2020-11-10

Updated

2020-11-24

CVE-2020-12354

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel AMT SDK versions prior to 14.0.0.1

Description: The issue is related to incorrect default permissions in the Windows installer of the Intel AMT SDK, which may allow an authenticated user to potentially enable escalation of privilege via local access. The vulnerability is associated with errors in processing permissions. Exploitation of the vulnerability may allow an attacker to elevate their privileges.

Recommendations: For versions prior to 14.0.0.1, update to version 14.0.0.1 or later to resolve the issue.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276CWE-275

Related Identifiers

BDU:2020-05296

CVE-2020-12354

Affected Products

Intel Amt Sdk

PT-2020-4744 · Intel · Intel Amt Sdk

CVE-2020-12354

Weakness Enumeration

Related Identifiers

Affected Products

References · 6