CVE-2020-12354

HIGH

Intel Active Management Technology SDK < 14.0.0.1 - Privilege Escalation via Windows Installer Permissions

Title source: llm
STIX 2.1

Description

Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20201113-0003/

Scores

CVSS v3 7.8
EPSS 0.0033
EPSS Percentile 25.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-276
Status published
Products (1)
intel/active_management_technology_software_development_kit < 14.0.0.1
Published Nov 12, 2020
Tracked Since Feb 18, 2026