CVE-2020-8753

Name of the Vulnerable Software and Affected Versions: Intel(R) AMT versions prior to 11.8.80 Intel(R) AMT versions prior to 11.12.80 Intel(R) AMT versions prior to 11.22.80 Intel(R) AMT versions prior to 12.0.70 Intel(R) AMT versions prior to 14.0.45 Intel(R) ISM versions prior to 11.8.80 Intel(R) ISM versions prior to 11.12.80 Intel(R) ISM versions prior to 11.22.80 Intel(R) ISM versions prior to 12.0.70 Intel(R) ISM versions prior to 14.0.45

Description: The issue is related to an out-of-bounds read in the DHCP subsystem for Intel(R) AMT and Intel(R) ISM. This may allow an unauthenticated user to potentially enable information disclosure via network access. The vulnerability exists due to reading data beyond the specified buffer, which can be exploited by a remote attacker to disclose protected information.

Recommendations: For Intel(R) AMT and Intel(R) ISM versions prior to 11.8.80, update to version 11.8.80 or later. For Intel(R) AMT and Intel(R) ISM versions prior to 11.12.80, update to version 11.12.80 or later. For Intel(R) AMT and Intel(R) ISM versions prior to 11.22.80, update to version 11.22.80 or later. For Intel(R) AMT and Intel(R) ISM versions prior to 12.0.70, update to version 12.0.70 or later. For Intel(R) AMT and Intel(R) ISM versions prior to 14.0.45, update to version 14.0.45 or later.