CVE-2020-8752: Vulnerability Analysis & Exploit Details

Status: Modified - Last modified: 21-11-2024 Published: 12-11-2020

CVE-2020-8752
Vulnerability Scoring

9.8
/10

Attack Complexity Details

  • Attack Complexity: Low Impact
  • Attack Vector: NETWORK
  • Privileges Required: None
  • Scope: UNCHANGED
  • User Interaction: NONE

CIA Impact Definition

  • Confidentiality: HIGH IMPACT
  • Integrity: HIGH IMPACT
  • Availability: HIGH IMPACT

CVE-2020-8752 Vulnerability Summary

Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of privileges via network access.

Access Complexity Graph for CVE-2020-8752

Impact Analysis for CVE-2020-8752

CVE-2020-8752: Detailed Information and External References

EPSS

0.00234

EPSS %

0.61650

References

0.00234

CWE

CWE-787

Vulnerable Configurations

  • cpe:2.3:o:intel:active_management_technology_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:1.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:2.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:2.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:2.2:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:2.5:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:2.6:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:3.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:3.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:3.2:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:3.2:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:4.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:6.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:6.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:6.2:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:6.2:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:7.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:9.1:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:9.1:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:9.5:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:9.5:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.0.25.3001:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.0.25.3001:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.0.26.3000:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.0.26.3000:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.2:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.2:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.5:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.5:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.6:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.6:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.7:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.7:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.50.3420:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.50.3420:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.60:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.60:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.65:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.65:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.70:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.70:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.76:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.76:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.77:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.77:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.8.79:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.8.79:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.12.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.12.77:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.12.77:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.12.79:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.12.79:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.60:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.60:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.65:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.65:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.70:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.70:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.76:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.76:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.77:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.77:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:11.22.79:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:11.22.79:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.5:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.5:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.20:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.20:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.35:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.35:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.45:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.45:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.63:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.63:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.64:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.64:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:12.0.68:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:12.0.68:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:14.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:14.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:14.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:14.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:14.0.10:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:14.0.10:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:14.0.32:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:14.0.32:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:14.0.33:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:14.0.33:*:*:*:*:*:*:*
  • cpe:2.3:o:intel:active_management_technology_firmware:14.0.39:*:*:*:*:*:*:*
    cpe:2.3:o:intel:active_management_technology_firmware:14.0.39:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:11.8:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:11.8.79:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:11.8.79:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:11.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:11.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:11.12.79:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:11.12.79:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:11.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:11.22.0:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:11.22.79:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:11.22.79:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:12.0:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:12.0.68:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:12.0.68:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:14.0:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:intel:standard_manageability:14.0.39:*:*:*:*:*:*:*
    cpe:2.3:a:intel:standard_manageability:14.0.39:*:*:*:*:*:*:*

CVSS3 Source

nvd@nist.gov

CVSS3 Type

Primary

CVSS3 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Protect Your Infrastructure: Combat Critical CVE Threats

Stay updated with real-time CVE vulnerabilities and take action to secure your systems. Enhance your cybersecurity posture with the latest threat intelligence and mitigation techniques. Develop the skills necessary to defend against CVEs and secure critical infrastructures. Join the top cybersecurity professionals safeguarding today's infrastructures.

Recently Published CVEs