Overview
- Description
- An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
- Source
- secure@intel.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Known exploits
Data from CISA
- Vulnerability name
- Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability
- Exploit added on
- Jan 28, 2022
- Exploit action due
- Jul 28, 2022
- Required action
- Apply updates per vendor instructions.
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD4D2787-FA10-4B06-BC00-B869FB16A424"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C11D072B-B549-4352-B0E5-2E7C1923161E"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EED42746-4191-4188-8BAD-4A23B4D6B242"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52652BE3-F695-42FB-A6FF-4A51DBA6789B"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD06FA87-E538-4492-9031-068CA05E63CB"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFFABA0B-46E6-4F2B-BA13-A48BF2587F68"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4290CDD9-8D27-46AD-BEFC-36827FA4A348"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09936A93-41E2-4293-B88B-4B7ED4E6FD44"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8855E63-AE6C-44A7-A2FE-7E4791C69BD4"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E92AF85-322D-4587-B393-62172EA51D62"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF833CF3-0170-491D-AEDB-33003B35B47B"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C27CD90-E986-4A89-B63E-1E3D2C62FBB3"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:11.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B71755C-4B29-4947-A436-1658097CD3F6"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:11.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86388428-3285-4BC8-B0F2-2049B07711F0"
}
],
"operator": "OR"
}
]
}
]