Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00295)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Potential security vulnerabilities in Intel Active Management Technology (AMT) may allow escalation of privilege, denial of service or information disclosure.
Insight
Insight
Intel Active Management Technology is prone to multiple vulnerabilities: - Improper input validation may allow an authenticated user to potentially enable information disclosure via network access. (CVE-2020-0531) - Improper input validation may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. (CVE-2020-0532) - Improper input validation may allow a privileged user to potentially enable denial of service via network access. (CVE-2020-0537) - Improper input validation may allow an unauthenticated user to potentially enable denial of service via network access. (CVE-2020-0538) - Insufficiently protected credentials may allow an unauthenticated user to potentially enable information disclosure via network access. (CVE-2020-0540) - Out-of-bounds read in IPv6 subsystem may allow an unauthenticated user to potentially enable escalation of privilege via network access. (CVE-2020-0594) - Use after free in IPv6 subsystem may allow an unauthenticated user to potentially enable escalation of privilege via network access. (CVE-2020-0595) - Improper input validation in DHCPv6 subsystem may allow an unauthenticated user to potentially enable information disclosure via network access. (CVE-2020-0596)
Affected Software
Affected Software
Intel Active Management Technology versions 11.0 through 11.8.76, 11.10 through 11.11.76, 11.20 through 11.22.76 and 12.0 through 12.0.63.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to version 11.8.77, 11.11.77, 11.22.77, 12.0.64 or later.