CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
41.3%
Improper input validation in some firmware for Intelยฎ AMT and Intelยฎ Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel ยฎ CSME may allow an unauthenticated user to potentially enable denial of service via network access.
Vendor | Product | Version | CPE |
---|---|---|---|
intel | converged_security_management_engine_firmware | * | cpe:2.3:a:intel:converged_security_management_engine_firmware:*:*:*:*:*:*:*:* |
intel | c232 | - | cpe:2.3:h:intel:c232:-:*:*:*:*:*:*:* |
intel | c236 | - | cpe:2.3:h:intel:c236:-:*:*:*:*:*:*:* |
intel | c420 | - | cpe:2.3:h:intel:c420:-:*:*:*:*:*:*:* |
intel | c422 | - | cpe:2.3:h:intel:c422:-:*:*:*:*:*:*:* |
intel | cm236 | - | cpe:2.3:h:intel:cm236:-:*:*:*:*:*:*:* |
intel | cm238 | - | cpe:2.3:h:intel:cm238:-:*:*:*:*:*:*:* |
intel | x299 | - | cpe:2.3:h:intel:x299:-:*:*:*:*:*:*:* |
intel | b150 | - | cpe:2.3:h:intel:b150:-:*:*:*:*:*:*:* |
intel | b250 | - | cpe:2.3:h:intel:b250:-:*:*:*:*:*:*:* |
[
{
"vendor": "n/a",
"product": "Intel(R) AMT and Intel(R) Standard Manageability in Intel (R) CSME",
"versions": [
{
"version": "before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]