CVE-2020-8746 Vulnerability Analysis & Exploit Details

CVE-2020-8746 Vulnerability Summary

CVE-2020-8746: Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 0.07% (probability of exploit)

EPSS Percentile: 33.82% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 66.18% of others.

CVE-2020-8746 References

External References

• https://security.netapp.com/advisory/ntap-20201113-0003/
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
• https://security.netapp.com/advisory/ntap-20201113-0003/
• https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391

CWE Common Weakness Enumeration

CAPEC Common Attack Pattern Enumeration and Classification

• Forced Integer Overflow CAPEC-92 This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Vulnerable Configurations

• cpe:2.3:o:intel:active_management_technology_firmware:-:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:-:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:1.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:1.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:2.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:2.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:2.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:2.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:2.2:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:2.2:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:2.5:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:2.5:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:2.6:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:2.6:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:3.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:3.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:3.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:3.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:3.2:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:3.2:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:4.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:4.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:4.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:4.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:5.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:5.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:6.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:6.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:6.2:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:6.2:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:7.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:7.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:7.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:8.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:8.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:8.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:9.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:9.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:9.1:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:9.1:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:9.5:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:9.5:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.0.25.3001:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.0.25.3001:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.0.26.3000:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.0.26.3000:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.2:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.2:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.5:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.5:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.6:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.6:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.7:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.7:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.50.3420:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.50.3420:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.60:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.60:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.65:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.65:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.70:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.70:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.76:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.76:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.77:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.77:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.8.79:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.8.79:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.12.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.12.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.12.77:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.12.77:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.12.79:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.12.79:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.60:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.60:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.65:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.65:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.70:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.70:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.76:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.76:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.77:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.77:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:11.22.79:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:11.22.79:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.5:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.5:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.20:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.20:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.35:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.35:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.45:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.45:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.63:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.63:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.64:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.64:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:12.0.68:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:12.0.68:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:14.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:14.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:14.0.0:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:14.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:14.0.10:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:14.0.10:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:14.0.32:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:14.0.32:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:14.0.33:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:14.0.33:*:*:*:*:*:*:*
• cpe:2.3:o:intel:active_management_technology_firmware:14.0.39:*:*:*:*:*:*:*
  cpe:2.3:o:intel:active_management_technology_firmware:14.0.39:*:*:*:*:*:*:*
• cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2025-26205 – Lua 5.4.7, when the debug library is used, has a out-of-bounds read and segmentation violation in mainpositionTV in ltable.c. NOTE: this is dispute...
• CVE-2025-26204 – Lua 5.4.7, when the debug library is used, has a out-of-bounds read and segmentation violation in equalkey in ltable.c. NOTE: this is disputed beca...
• CVE-2025-2129 – A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecur...
• CVE-2025-2127 – A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of th...
• CVE-2025-2126 – A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the...