Vulnerability Description
Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Active Management Technology Firmware | >= 12.0, < 12.0.45 |
Related Weaknesses (CWE)
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.Vendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00241.Vendor Advisory
FAQ
What is CVE-2019-11107?
CVE-2019-11107 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
How severe is CVE-2019-11107?
CVE-2019-11107 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-11107?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Active Management Technology Firmware.