Home/Product/intel active management technology firmware
Product

intel active management technology firmware

54 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2022-29893
< 11.8.93
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.
8.1HIGH
 CVE-2022-27497
< 11.8.93
Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.
8.6HIGH
 CVE-2022-26845
< 11.8.93
Improper authentication in firmware for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.
8.7HIGH
 CVE-2021-33159
< 11.8.93
Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1
7.4HIGH
 CVE-2022-30944
all versions
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potential
5.5MEDIUM
 CVE-2022-30601
all versions
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to pot
9.8CRITICAL
 CVE-2022-28697
all versions
Improper access control in firmware for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to pote
6.8MEDIUM
 CVE-2021-33068
< 15.0.35
Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enab
6.5MEDIUM
 CVE-2020-8760
< 11.8.80
Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privilege
7.8HIGH
 CVE-2020-8757
< 11.8.80
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a priv
6.7MEDIUM
 CVE-2020-8754
< 11.8.80
Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 ma
7.5HIGH
 CVE-2020-8753
< 11.8.80
Out-of-bounds read in DHCP subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.
7.5HIGH
 CVE-2020-8752
< 11.8.80
Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45
9.8CRITICAL
 CVE-2020-8749
< 11.8.80
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an una
8.8HIGH
 CVE-2020-8747
< 11.8.80
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an una
9.1CRITICAL
 CVE-2020-8746
< 11.8.80
Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unaut
6.5MEDIUM
 CVE-2020-12356
< 11.8.80
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privi
4.4MEDIUM
 CVE-2020-8758
>= 11.8 and < 11.8.79
Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79,
9.8CRITICAL
 CVE-2020-8674
>= 11.0 and < 11.8.77
Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14
5.3MEDIUM
 CVE-2020-0597
>= 11.0 and <= 11.8.76
Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 14.0.33 may allow an unauthenticated user to
7.5HIGH
 CVE-2020-0596
>= 11.0 and < 11.8.77
Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.
7.5HIGH
 CVE-2020-0595
>= 11.0 and < 11.8.77
Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allo
9.8CRITICAL
 CVE-2020-0594
>= 11.0 and < 11.8.77
Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may
9.8CRITICAL
 CVE-2020-0540
>= 11.0 and < 11.8.77
Insufficiently protected credentials in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthen
7.5HIGH
 CVE-2020-0538
>= 11.0 and < 11.8.77
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unaut
7.5HIGH
 CVE-2020-0537
>= 11.0 and < 11.8.77
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privil
4.9MEDIUM
 CVE-2020-0535
>= 11.0 and < 11.8.77
Improper input validation in Intel(R) AMT versions before 11.8.76, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated use
5.3MEDIUM
 CVE-2020-0532
>= 11.0 and < 11.8.77
Improper input validation in subsystem for Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unaut
7.1HIGH
 CVE-2020-0531
>= 11.0 and < 11.8.77
Improper input validation in Intel(R) AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user
6.5MEDIUM
 CVE-2019-11132
>= 11.0 and < 11.8.70
Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged u
8.4HIGH
 CVE-2019-11131
>= 11.0 and < 11.8.70
Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user
9.8CRITICAL
 CVE-2019-11107
>= 12.0 and < 12.0.45
Insufficient input validation in the subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potent
9.8CRITICAL
 CVE-2019-11100
>= 11.0 and < 11.8.70
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow
4.6MEDIUM
 CVE-2019-11088
>= 11.0 and < 11.8.70
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an un
8.8HIGH
 CVE-2019-11086
>= 12.0 and < 12.0.45
Insufficient input validation in subsystem for Intel(R) AMT before version 12.0.45 may allow an unauthenticated user to potentiall
6.8MEDIUM
 CVE-2019-0166
>= 11.0 and < 11.8.70
Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow
7.5HIGH
 CVE-2019-0131
>= 11.0 and < 11.8.70
Insufficient input validation in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an un
8.1HIGH
 CVE-2019-0097
>= 12.0.20 and < 12.0.35
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to po
4.9MEDIUM
 CVE-2019-0096
>= 11.8.0 and < 11.8.65
Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an a
8.0HIGH
 CVE-2019-0094
>= 11.8.0 and < 11.8.65
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may
4.3MEDIUM
 CVE-2019-0092
>= 11.8.0 and < 11.8.65
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may
6.8MEDIUM
 CVE-2018-12187
>= 11.0 and < 11.8.60
Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 o
7.5HIGH
 CVE-2018-3658
< 12.0.5
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT
5.3MEDIUM
 CVE-2018-3657
< 12.0.5
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potent
6.7MEDIUM
 CVE-2018-3616
< 12.0.5
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allo
5.9MEDIUM
 CVE-2018-3632
>= 6.0 and <= 11.20
Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x
6.7MEDIUM
 CVE-2018-3629
>= 3.0 and <= 11.22.70
Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3
6.5MEDIUM
 CVE-2018-3628
>= 3.0 and <= 11.22.70
Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.
8.8HIGH
 CVE-2017-5729
>= 11.0 and <= 11.8.50.3420
Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to repla
7.4HIGH
 CVE-2017-5712
all versions
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.1
7.2HIGH
 CVE-2017-5711
all versions
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6
7.8HIGH
 CVE-2017-5698
all versions
Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.30
4.4MEDIUM
 CVE-2017-5697
>= 9.1 and < 9.1.40.1000
Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.
6.5MEDIUM
 CVE-2017-5689
all versions
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Tec
9.8CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin