Intel Manageability Engine Firmware vulnerabilities
8 known vulnerabilities affecting intel/manageability_engine_firmware.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2018-3658MEDIUMCVSS 5.3≥ 9.0.0.0, < 11.02018-09-12
CVE-2018-3658 [MEDIUM] CWE-772 CVE-2018-3658: Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauth
Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access.
nvd
CVE-2018-3616MEDIUMCVSS 5.9≥ 9.0.0.0, < 11.02018-09-12
CVE-2018-3616 [MEDIUM] CVE-2018-3616: Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Tec
Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network.
nvd
CVE-2018-3657MEDIUMCVSS 6.7≥ 9.0.0.0, < 11.02018-09-12
CVE-2018-3657 [MEDIUM] CWE-119 CVE-2018-3657: Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may all
Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
nvd
CVE-2017-5708HIGHCVSS 7.8v11.0v11.5+4 more2017-11-21
CVE-2017-5708 [HIGH] CVE-2017-5708: Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/
Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access privileged content via unspecified vector.
nvd
CVE-2017-5705HIGHCVSS 7.8v11.0v11.5+4 more2017-11-21
CVE-2017-5705 [HIGH] CWE-119 CVE-2017-5705: Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10
Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code.
nvd
CVE-2017-5711HIGHCVSS 7.8≥ 8.0.0.0, ≤ 8.1.71.3608≥ 9.0.0.0, ≤ 9.1.41.3024+7 more2017-11-21
CVE-2017-5711 [HIGH] CWE-119 CVE-2017-5711: Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmwa
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
nvd
CVE-2017-5712HIGHCVSS 7.2≥ 8.0.0.0, ≤ 8.1.71.3608≥ 9.0.0.0, ≤ 9.1.41.3024+7 more2017-11-21
CVE-2017-5712 [HIGH] CWE-119 CVE-2017-5712: Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.
nvd
CVE-2017-5698MEDIUMCVSS 4.4v11.0.25.3001v11.0.26.30002017-09-05
CVE-2017-5698 [MEDIUM] CVE-2017-5698: Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technolog
Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.
nvd