CVE-2019-0096
Published May 17, 2019
Last updated a year ago
Overview
- Description
- Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access.
- Source
- secure@intel.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5.2
- Impact score
- 6.4
- Exploitability score
- 5.1
- Vector string
- AV:A/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-787
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0FD2059-FA89-4010-89C3-1B5BD11E882B",
"versionEndExcluding": "11.8.65",
"versionStartIncluding": "11.8.0"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A856CF2-8F1D-47C1-939A-F86919F3C2D0",
"versionEndExcluding": "11.11.65",
"versionStartIncluding": "11.11.0"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6C8C1CA-C2EF-485B-A711-426CFBDE5AA5",
"versionEndExcluding": "11.22.65",
"versionStartIncluding": "11.22.0"
},
{
"criteria": "cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FED09AD-4EEE-4D93-A7EA-DC96F706814F",
"versionEndExcluding": "12.0.35",
"versionStartIncluding": "12.0"
}
],
"operator": "OR"
}
]
}
]