Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00295)

Potential security vulnerabilities in Intel Active Management Technology (AMT) may allow escalation of privilege, denial of service or information disclosure.

Intel Active Management Technology is prone to multiple vulnerabilities: - Improper input validation may allow an authenticated user to potentially enable information disclosure via network access. (CVE-2020-0531) - Improper input validation may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. (CVE-2020-0532) - Improper input validation may allow a privileged user to potentially enable denial of service via network access. (CVE-2020-0537) - Improper input validation may allow an unauthenticated user to potentially enable denial of service via network access. (CVE-2020-0538) - Insufficiently protected credentials may allow an unauthenticated user to potentially enable information disclosure via network access. (CVE-2020-0540) - Out-of-bounds read in IPv6 subsystem may allow an unauthenticated user to potentially enable escalation of privilege via network access. (CVE-2020-0594) - Use after free in IPv6 subsystem may allow an unauthenticated user to potentially enable escalation of privilege via network access. (CVE-2020-0595) - Improper input validation in DHCPv6 subsystem may allow an unauthenticated user to potentially enable information disclosure via network access. (CVE-2020-0596)

Intel Active Management Technology versions 11.0 through 11.8.76, 11.10 through 11.11.76, 11.20 through 11.22.76 and 12.0 through 12.0.63.

Checks if a vulnerable version is present on the target host.

Upgrade to version 11.8.77, 11.11.77, 11.22.77, 12.0.64 or later.