ID CVE-2020-0595
Summary Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References
Vulnerable Configurations
  • cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.60:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.60:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.65:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.65:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.70:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.70:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.10:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.10:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.11.60:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.11.60:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.11.65:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.11.65:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.11.70:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.11.70:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.20:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.20:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.60:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.60:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.65:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.65:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.70:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.70:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.35:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.35:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.45:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.45:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:service_manager:*:*:*:*:*:*:*:*
    cpe:2.3:a:intel:service_manager:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-03-2021 - 13:15)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm
misc
Last major update 18-03-2021 - 13:15
Published 15-06-2020 - 14:15
Last modified 18-03-2021 - 13:15
Back to Top