Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2020-8758

Published: 10/09/2020 Updated: 22/05/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Standard Manageability

Vulnerability Summary

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions prior to 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

intel standard manageability

intel active management technology firmware

netapp steelstore cloud integrated storage -

Vendor Advisories

HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03685 rev. 2 - Intel® AMT and Intel® ISM September 2020 Security Updates
Intel® has informed HP of potential security vulnerabilities identified in the Intel® Active Management Technology (AMT) and Intel® Standard Manageability (ISM) that may allow escalation of privilege ...
HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBHF03685 rev. 2 - Intel® AMT and Intel® ISM September 2020 Security Updates
Intel® has informed HP of potential security vulnerabilities identified in the Intel® Active Management Technology (AMT) and Intel® Standard Manageability (ISM) that may allow escalation of privilege ...

Recent Articles

Enjoyed the US Labor Day weekend? Because it's September 2020 and Exchange Server can be pwned via email
The Register • Shaun Nichols in San Francisco • 08 Sep 2020

Don't be so smug, Mac users, you're open to an InDesign project file

A nightmare flaw for Exchange Server headlines this month's Patch Tuesday lineup from Microsoft and others. September sees a bundle of 129 CVE-listed flaws patched by Microsoft. The vast majority of those, 105 in total, are classified as 'important' risks. Another 23 are considered critical bugs, and one is listed as moderate. None of the bugs have public exploit code or in-the-wild attacks yet. Of the nearly two-dozen critical patches, Zero Day Initiative's Dustin Childs says that far and away ...

Read more...

References

NVD-CWE-noinfohttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.htmlhttps://security.netapp.com/advisory/ntap-20200911-0005/https://nvd.nist.govhttps://www.theregister.co.uk/2020/09/08/patch_tuesday_september/https://support.hp.com//us-en/document/c06884774
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook