CVE-2020-8758

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
intelstandard_manageability
11.8 ≤
𝑥
< 11.8.79
intelstandard_manageability
11.12 ≤
𝑥
< 11.12.79
intelstandard_manageability
11.22 ≤
𝑥
< 11.22.79
intelstandard_manageability
12.0 ≤
𝑥
< 12.0.68
intelstandard_manageability
14.0 ≤
𝑥
< 14.0.39
intelactive_management_technology_firmware
11.8 ≤
𝑥
< 11.8.79
intelactive_management_technology_firmware
11.12 ≤
𝑥
< 11.12.79
intelactive_management_technology_firmware
11.22 ≤
𝑥
< 11.22.79
intelactive_management_technology_firmware
12.0 ≤
𝑥
< 12.0.68
intelactive_management_technology_firmware
14.0 ≤
𝑥
< 14.0.39
netappsteelstore_cloud_integrated_storage
-
𝑥
= Vulnerable software versions
References
https://security.netapp.com/advisory/ntap-20200911-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.html
https://security.netapp.com/advisory/ntap-20200911-0005/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.html