VDB
CVE-2020-8674
CVE-2020-8674
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access.
EPSS 1.25% · 79.7th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
1.25%
79.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| intel | active_management_technology_firmware | 12.0, 11.0, 11.10 |
| intel | service_manager | 11.20, 11.10, 12.0 |
| n/a | Intel(R) AMT and Intel(R) ISM | See provided reference |
Exploit Intelligence
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html (circl)
- https://security.netapp.com/advisory/ntap-20200611-0007/ (circl)
- VU#257161 (circl)
- https://www.synology.com/security/advisory/Synology_SA_20_15 (circl)
- https://support.lenovo.com/de/en/product_security/len-30041 (circl)
Timeline
- Jun 9, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://security.netapp.com/advisory/ntap-20200611-0007/ technical
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00366.html advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00322.html advisory
- https://software.intel.com/security-software-guidance/processors-affected-transient-execution-attack-mitigation-product-cpu-model advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00266.html advisory
- VU#257161 third-party-advisory
- https://www.synology.com/security/advisory/Synology_SA_20_15 url
- https://support.lenovo.com/de/en/product_security/len-30041 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-8674 advisory
- https://security.netapp.com/advisory/ntap-20200611-0007 url