Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.
[
{
"product": "Intel(R) Active Management Technology",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Versions before version 12.0.5."
}
]
}
]
www.securityfocus.com/bid/106996
cert-portal.siemens.com/productcert/pdf/ssa-377318.pdf
ics-cert.us-cert.gov/advisories/ICSA-19-043-05
security.netapp.com/advisory/ntap-20180924-0003/
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03876en_us
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00141.html