Vulnerability Details CVE-2020-8758
Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-8758
-
cpe:2.3:a:intel:standard_manageability:11.12
-
cpe:2.3:a:intel:standard_manageability:11.12.0
-
cpe:2.3:a:intel:standard_manageability:11.22
-
cpe:2.3:a:intel:standard_manageability:11.22.0
-
cpe:2.3:a:intel:standard_manageability:11.8
-
cpe:2.3:a:intel:standard_manageability:12.0
-
cpe:2.3:a:intel:standard_manageability:14.0
-
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-
-
cpe:2.3:o:intel:active_management_technology_firmware:11.12
-
cpe:2.3:o:intel:active_management_technology_firmware:11.12.0
-
cpe:2.3:o:intel:active_management_technology_firmware:11.12.77
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22.0
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22.60
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22.65
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22.70
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22.76
-
cpe:2.3:o:intel:active_management_technology_firmware:11.22.77
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8.50.3420
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8.60
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8.65
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8.70
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8.76
-
cpe:2.3:o:intel:active_management_technology_firmware:11.8.77
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.0
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.20
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.35
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.45
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.5
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.63
-
cpe:2.3:o:intel:active_management_technology_firmware:12.0.64
-
cpe:2.3:o:intel:active_management_technology_firmware:14.0
-
cpe:2.3:o:intel:active_management_technology_firmware:14.0.0
-
cpe:2.3:o:intel:active_management_technology_firmware:14.0.10
-
cpe:2.3:o:intel:active_management_technology_firmware:14.0.32
-
cpe:2.3:o:intel:active_management_technology_firmware:14.0.33