CVE-2022-25899
CRITICALIntel Open Active Management Technology Cloud Toolkit < 2.0.2 - Unauthenticated Authentication Bypass
Title source: llmDescription
Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00694.html
Scores
CVSS v3
9.8
EPSS
0.0131
EPSS Percentile
80.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-276
Status
published
Products (1)
intel/open_active_management_technology_cloud_toolkit
< 2.0.2
Published
Aug 18, 2022
Tracked Since
Feb 18, 2026