Vulnerability Description
Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticated user may potentially enable escalation of privilege via local access.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Standard Manageability | >= 11.8, < 11.8.79 |
| Intel | Active Management Technology Firmware | >= 11.8, < 11.8.79 |
| Netapp | Steelstore Cloud Integrated Storage | - |
References
- https://security.netapp.com/advisory/ntap-20200911-0005/Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.Vendor Advisory
- https://security.netapp.com/advisory/ntap-20200911-0005/Third Party Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00404.Vendor Advisory
FAQ
What is CVE-2020-8758?
CVE-2020-8758 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to pot...
How severe is CVE-2020-8758?
CVE-2020-8758 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-8758?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Standard Manageability, Intel Active Management Technology Firmware, Netapp Steelstore Cloud Integrated Storage.