CVE-2020-8758
First published: Thu Sep 10 2020(Updated: )
Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Standard Manageability | >=11.8<11.8.79 | |
| Intel Standard Manageability | >=11.12<11.12.79 | |
| Intel Standard Manageability | >=11.22<11.22.79 | |
| Intel Standard Manageability | >=12.0<12.0.68 | |
| Intel Standard Manageability | >=14.0<14.0.39 | |
| Intel Active Management Technology Firmware | >=11.8<11.8.79 | |
| Intel Active Management Technology Firmware | >=11.12<11.12.79 | |
| Intel Active Management Technology Firmware | >=11.22<11.22.79 | |
| Intel Active Management Technology Firmware | >=12.0<12.0.68 | |
| Intel Active Management Technology Firmware | >=14.0<14.0.39 | |
| Netapp Steelstore Cloud Integrated Storage |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID is CVE-2020-8758.
What is the severity of CVE-2020-8758?
The severity of CVE-2020-8758 is critical with a score of 9.8.
Which versions of Intel AMT and Intel ISM are affected by CVE-2020-8758?
Intel AMT and Intel ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68, and 14.0.39 are affected by CVE-2020-8758.
What is the risk associated with CVE-2020-8758?
CVE-2020-8758 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Where can I find more information about CVE-2020-8758?
You can find more information about CVE-2020-8758 at the following references: [Netapp Security Advisory](https://security.netapp.com/advisory/ntap-20200911-0005/) and [Intel Security Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.html).
- collector/nvd-index
- agent/description
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel standard manageability
- version/intel standard manageability/11.8
- version/intel standard manageability/11.12
- version/intel standard manageability/11.22
- version/intel standard manageability/12.0
- version/intel standard manageability/14.0
- canonical/intel active management technology firmware
- version/intel active management technology firmware/11.8
- version/intel active management technology firmware/11.12
- version/intel active management technology firmware/11.22
- version/intel active management technology firmware/12.0
- version/intel active management technology firmware/14.0
- vendor/netapp
- canonical/netapp steelstore cloud integrated storage