Intel has released multiple security advisories on the 10th of November 2020, addressing flaws across various Intel products, such as AMT, Endpoint Management Assistant, Wireless Bluetooth, SSDs and other.
A critical vulnerability CVE-2020-8752, with 9.4 CvSS vulnerability-severity score, is present in Intel AMT (Intel Active Management Technology) and ISM (Intel Standard Manageability). The flaw is an out-of-blouds write in the IPv6 subsystem. If exploited the flaw allows an unauthenticated user to gain escalated privileges via network. Versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 are affected and should be updated to the latest version.
A high-severity flaw CVE-2020-12309 was found in Intel solid-state drive (SSD) products that could allow an unauthenticated user information disclosure, but only if they have physical access to the SSD. The flaw is in insufficiently protected credentials in the client SSD subsystems. The list of the affected SSD-s can be found here.
Recent Comments