CVE-2020-8758
Summary
| CVE | CVE-2020-8758 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-09-10 15:16:00 UTC |
| Updated | 2023-05-22 15:31:00 UTC |
| Description | Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Intel | Active Management Technology | All | All | All | All |
| Application | Intel | Active Management Technology | All | All | All | All |
| Operating System | Intel | Active Management Technology Firmware | All | All | All | All |
| Application | Intel | Standard Manageability | All | All | All | All |
| Application | Intel | Standard Manageability | All | All | All | All |
| Application | Netapp | Steelstore Cloud Integrated Storage | - | All | All | All |
| Application | Netapp | Steelstore Cloud Integrated Storage | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2020-8758 Intel AMT Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | Third Party Advisory |
| INTEL-SA-00404 | MISC | www.intel.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 38860 Intel Active Management Technology, Intel Standard Manageability Privilege Escalation Vulnerability (INTEL-SA-00404)