Vulnerabilities > Intel > Active Management Technology Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-06-15 CVE-2020-0596 Improper Input Validation vulnerability in Intel products
Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-20
5.0
5.0
2020-06-15 CVE-2020-0595 Use After Free vulnerability in Intel products
Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
network
low complexity
intel CWE-416
7.5
7.5
2020-06-15 CVE-2020-0594 Out-of-bounds Read vulnerability in Intel products
Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
network
low complexity
intel CWE-125
7.5
7.5
2020-06-15 CVE-2020-0540 Insufficiently Protected Credentials vulnerability in Intel Active Management Technology Firmware
Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-522
5.0
5.0
2020-06-15 CVE-2020-0538 Improper Input Validation vulnerability in Intel Active Management Technology Firmware
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service via network access.
network
low complexity
intel CWE-20
5.0
5.0
2020-06-15 CVE-2020-0537 Improper Input Validation vulnerability in Intel Active Management Technology Firmware
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access.
network
low complexity
intel CWE-20
4.0
4.0
2020-06-15 CVE-2020-0535 Improper Input Validation vulnerability in Intel Active Management Technology Firmware
Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-20
5.0
5.0
2020-06-15 CVE-2020-0532 Improper Input Validation vulnerability in Intel Active Management Technology Firmware
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access.
low complexity
intel CWE-20
4.8
4.8
2020-06-15 CVE-2020-0531 Improper Input Validation vulnerability in Intel Active Management Technology Firmware
Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-20
4.0
4.0
2019-12-18 CVE-2019-11132 Cross-site Scripting vulnerability in Intel Active Management Technology Firmware
Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access.
network
intel CWE-79
6.8
6.8