PT-2022-4355 · Intel · Open Amt Cloud Toolkit

Matt Primrose

Published

2022-08-09

Updated

2025-12-04

CVE-2022-25899

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Open AMT Cloud Toolkit versions prior to 2.0.2 Open AMT Cloud Toolkit versions prior to 2.2.2

Description The issue is related to an authentication bypass in the Open AMT Cloud Toolkit software. This could potentially allow an unauthenticated user to escalate privileges via network access. The vulnerability is associated with weaknesses in the authentication procedure, which can be exploited by a remote attacker to gain elevated privileges.

Recommendations For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue. For versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue.

Fix

Improper Authentication

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287CWE-276

Related Identifiers

BDU:2022-05215

CVE-2022-25899

Affected Products

Open Amt Cloud Toolkit

PT-2022-4355 · Intel · Open Amt Cloud Toolkit

CVE-2022-25899

Weakness Enumeration

Related Identifiers

Affected Products

References · 7