Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Active_management_technology_firmware
(Intel)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 54 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-11-12 | CVE-2020-12356 | Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access. | Active_management_technology_firmware, Cloud_backup | 4.4 | ||
2019-05-17 | CVE-2019-0097 | Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. | Active_management_technology_firmware | 4.9 | ||
2020-06-15 | CVE-2020-0595 | Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | Active_management_technology_firmware, Service_manager | 9.8 | ||
2020-06-15 | CVE-2020-0594 | Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | Active_management_technology_firmware, Service_manager | 9.8 | ||
2018-07-10 | CVE-2018-3632 | Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. | Active_management_technology_firmware | N/A | ||
2018-07-10 | CVE-2018-3629 | Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. | Active_management_technology_firmware | N/A | ||
2018-07-10 | CVE-2018-3628 | Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. | Active_management_technology_firmware | N/A | ||
2020-06-15 | CVE-2020-0596 | Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access. | Active_management_technology_firmware, Service_manager | N/A | ||
2020-06-15 | CVE-2020-0540 | Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access. | Active_management_technology_firmware | N/A | ||
2020-06-15 | CVE-2020-0538 | Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access. | Active_management_technology_firmware | N/A |