Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper initialization in subsystem for Intel(R) CSME versions before12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel(R) TXE versions before 4.0.30 Intel(R) SPS versions before E3_05.01.04.200 may allow a privileged user to potentially enable escalation of privilege via local access.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and, according to its self-reported, is a version containing multiple vulnerabilities, including the following:

  - Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80,     11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of     privileges via network access. (CVE-2020-8752)

  - Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and     14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of     service via network access. (CVE-2020-8747)

  - Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and     14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent     access. (CVE-2020-8749)


Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The Intel Converged Security Management Engine (CSME) on the remote host is affected by multiple vulnerabilities in the Active Management Technology (AMT) feature, including the following:

  - Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80,     11.22.80, 12.0.70, 14.0.45 may allow an unauthenticated user to potentially enable escalation of     privileges via network access. (CVE-2020-8752)

  - Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and     14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of     service via network access. (CVE-2020-8747)

  - Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and     14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent     access. (CVE-2020-8749)

Note that due to the low-level implementation of Intel ME, Nessus may not be able to identify its version on the remote host at this time.

ID	Name	Product	Family	Severity
500705	Siemens SIMATIC S7-1500 Improper Initialization (CVE-2020-8744)	Tenable OT Security	Tenable.ot	high
143152	Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391) (remote check)	Nessus	Web Servers	critical
143151	Intel Converged Security Management Engine (CSME) Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00391)	Nessus	Windows	critical

Detections

Analytics

CVE-2020-8744

high

Tenable Plugins

high

critical

critical