CVE-2020-12354
HIGHIntel Active Management Technology SDK < 14.0.0.1 - Privilege Escalation via Windows Installer Permissions
Title source: llmDescription
Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00391
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20201113-0003/
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
10.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (1)
intel/active_management_technology_software_development_kit
< 14.0.0.1
Published
Nov 12, 2020
Tracked Since
Feb 18, 2026