Shodan
Vulnerabilities
Vulnerable Software
Intel:  >> Active Management Technology Firmware  >> 11.2  Security Vulnerabilities
CVE-2019-11088
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-12-18
CVE-2019-11100
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVSS Score
4.6
EPSS Score
0.003
Published
2019-12-18
CVE-2019-0131
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
CVSS Score
8.1
EPSS Score
0.002
Published
2019-12-18
CVE-2019-0166
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-12-18
CVE-2018-12187
Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-03-14
CVE-2018-3616
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
CVSS Score
5.9
EPSS Score
0.019
Published
2018-09-12
CVE-2018-3657
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
CVSS Score
6.7
EPSS Score
0.008
Published
2018-09-12
CVE-2018-3658
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
CVSS Score
5.3
EPSS Score
0.012
Published
2018-09-12
CVE-2018-3628
Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-07-10
CVE-2018-3629
Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet.
CVSS Score
6.5
EPSS Score
0.009
Published
2018-07-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved