CVE-2020-8754

Published: Nov 12, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access.

Affected (11)

Products: Intel: Active Management Technology Firmware, Standard Manageability · Netapp: Cloud Backup

Intel

2 products

Active Management Technology Firmware

Standard Manageability

Netapp

1 product

Cloud Backup

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Intel Active Management Technology Firmware	Before 11.8.80
Intel Active Management Technology Firmware	From 11.12.0 to 11.12.80
Intel Active Management Technology Firmware	From 11.22.0 to 11.22.80
Intel Active Management Technology Firmware	From 12.0 to 12.0.70
Intel Active Management Technology Firmware	From 14.0 to 14.0.45

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Netapp Cloud Backup	All versions

Configuration C

5 vulnerable

Vulnerable Software	Affected Versions
Intel Standard Manageability	Before 11.8.80
Intel Standard Manageability	From 11.12.0 to 11.12.80
Intel Standard Manageability	From 11.22.0 to 11.22.80
Intel Standard Manageability	From 12.0 to 12.0.70
Intel Standard Manageability	From 14.0 to 14.0.45