SB2022081122 - Multiple vulnerabilities in Intel AMT and Standard Manageability

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022081122

SB2022081122 - Multiple vulnerabilities in Intel AMT and Standard Manageability

Published: August 11, 2022

Security Bulletin ID SB2022081122
Severity
High
Patch available
NO
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 33% Low 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Insufficiently protected credentials (CVE-ID: CVE-2022-30601)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficiently protected credentials. A remote attacker can obtain credentials and gain elevated privileges on the system.


2) Insufficiently protected credentials (CVE-ID: CVE-2022-30944)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to insufficiently protected credentials. A local administrator can obtain credentials on the system.


3) Improper access control (CVE-ID: CVE-2022-28697)

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in firmware. An attacker with physical access can bypass implemented security restrictions and gain elevated privileges on the system.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References