Details of VAR-202006-0024

ID

VAR-202006-0024

CVE

CVE-2020-0594

TITLE

Treck IP stacks contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#257161

DESCRIPTION

Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access. Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20.CVE-2020-0594 Unknown CVE-2020-0595 Unknown CVE-2020-0597 Unknown CVE-2020-11896 Affected CVE-2020-11897 Not Affected CVE-2020-11898 Affected CVE-2020-11899 Not Affected CVE-2020-11900 Affected CVE-2020-11901 Not Affected CVE-2020-11902 Not Affected CVE-2020-11903 Not Affected CVE-2020-11904 Not Affected CVE-2020-11905 Not Affected CVE-2020-11906 Affected CVE-2020-11907 Affected CVE-2020-11908 Not Affected CVE-2020-11909 Not Affected CVE-2020-11910 Not Affected CVE-2020-11911 Affected CVE-2020-11912 Affected CVE-2020-11913 Not Affected CVE-2020-11914 Affected CVE-2020-8674 UnknownCVE-2020-0594 Unknown CVE-2020-0595 Unknown CVE-2020-0597 Unknown CVE-2020-11896 Affected CVE-2020-11897 Not Affected CVE-2020-11898 Affected CVE-2020-11899 Not Affected CVE-2020-11900 Affected CVE-2020-11901 Not Affected CVE-2020-11902 Not Affected CVE-2020-11903 Not Affected CVE-2020-11904 Not Affected CVE-2020-11905 Not Affected CVE-2020-11906 Affected CVE-2020-11907 Affected CVE-2020-11908 Not Affected CVE-2020-11909 Not Affected CVE-2020-11910 Not Affected CVE-2020-11911 Affected CVE-2020-11912 Affected CVE-2020-11913 Not Affected CVE-2020-11914 Affected CVE-2020-8674 Unknown. Intel(R) AMT and ISM Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Both Intel Active Management Technology (AMT) and Intel Software Manager (ISM) are products of Intel Corporation of the United States. Intel Active Management Technology is a set of hardware-based computer remote active management technology software. Intel Software Manager is a utility for managing Intel software development products. There are security vulnerabilities in the IPv6 subsystem in Intel AMT and ISM. A remote attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel AMT before 11.8.77, before 11.12.77, before 11.22.77, before 12.0.64; ISM before 11.8.77, before 11.12.77, before 11.22.77 Version, version before 12.0.64

Trust: 2.52

sources: NVD: CVE-2020-0594 // CERT/CC: VU#257161 // JVNDB: JVNDB-2020-006816 // VULHUB: VHN-162028 // VULMON: CVE-2020-0594

AFFECTED PRODUCTS

vendor:	intel	model:	service manager	scope:	lt	version:	11.12.77	Trust: 1.0
vendor:	intel	model:	service manager	scope:	lt	version:	11.22.77	Trust: 1.0
vendor:	intel	model:	service manager	scope:	gte	version:	11.0	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	gte	version:	11.20	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	gte	version:	12.0	Trust: 1.0
vendor:	intel	model:	service manager	scope:	lt	version:	11.8.77	Trust: 1.0
vendor:	intel	model:	service manager	scope:	lt	version:	12.0.64	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	gte	version:	11.0	Trust: 1.0
vendor:	intel	model:	service manager	scope:	gte	version:	11.10	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	lt	version:	11.22.77	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	lt	version:	11.8.77	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	lt	version:	12.0.64	Trust: 1.0
vendor:	intel	model:	service manager	scope:	gte	version:	12.0	Trust: 1.0
vendor:	intel	model:	service manager	scope:	gte	version:	11.20	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	gte	version:	11.10	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	lt	version:	11.12.77	Trust: 1.0
vendor:	intel	model:	active management technology	scope:	eq	version:	11.12.77	Trust: 0.8
vendor:	intel	model:	active management technology	scope:	eq	version:	11.22.77	Trust: 0.8
vendor:	intel	model:	active management technology	scope:	eq	version:	11.8.77	Trust: 0.8
vendor:	intel	model:	active management technology	scope:	eq	version:	12.0.64	Trust: 0.8
vendor:	intel	model:	standard manageability	scope:	eq	version:	11.12.77	Trust: 0.8
vendor:	intel	model:	standard manageability	scope:	eq	version:	11.22.77	Trust: 0.8
vendor:	intel	model:	standard manageability	scope:	eq	version:	11.8.77	Trust: 0.8
vendor:	intel	model:	standard manageability	scope:	eq	version:	12.0.64	Trust: 0.8

sources: JVNDB: JVNDB-2020-006816 // NVD: CVE-2020-0594

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-0594
value:	CRITICAL
Trust: 1.0
NVD:	JVNDB-2020-006816
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202006-795
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-162028
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-0594
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-0594
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-006816
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-162028
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-0594
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-006816
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-162028 // VULMON: CVE-2020-0594 // JVNDB: JVNDB-2020-006816 // CNNVD: CNNVD-202006-795 // NVD: CVE-2020-0594

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.9

sources: VULHUB: VHN-162028 // JVNDB: JVNDB-2020-006816 // NVD: CVE-2020-0594

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202006-795

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202006-795

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-006816

PATCH

title:	INTEL-SA-00295	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html	Trust: 0.8
title:	Intel AMT and ISM Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=122461	Trust: 0.6
title:	HP: HPSBHF03667 rev. 1 - Intel® 2020.1 IPU - CSME, SPS, TXT, AMT and DAL Security Updates	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=HPSBHF03667	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/critical-intel-active-management-technology-flaw-allows-privilege-escalation/159036/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/critical-intel-flaws-fixed-in-active-management-technology/156458/	Trust: 0.1

sources: VULMON: CVE-2020-0594 // JVNDB: JVNDB-2020-006816 // CNNVD: CNNVD-202006-795

EXTERNAL IDS

db:	NVD	id:	CVE-2020-0594	Trust: 3.4
db:	CERT/CC	id:	VU#257161	Trust: 2.5
db:	LENOVO	id:	LEN-30041	Trust: 1.8
db:	JVN	id:	JVNVU98979613	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-006816	Trust: 0.8
db:	CNNVD	id:	CNNVD-202006-795	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.1991	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1991.2	Trust: 0.6
db:	VULHUB	id:	VHN-162028	Trust: 0.1
db:	VULMON	id:	CVE-2020-0594	Trust: 0.1

sources: CERT/CC: VU#257161 // VULHUB: VHN-162028 // VULMON: CVE-2020-0594 // JVNDB: JVNDB-2020-006816 // CNNVD: CNNVD-202006-795 // NVD: CVE-2020-0594

REFERENCES

url:	https://security.netapp.com/advisory/ntap-20200611-0007/	Trust: 1.8
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00295.html	Trust: 1.8
url:	https://www.synology.com/security/advisory/synology_sa_20_15	Trust: 1.8
url:	https://support.lenovo.com/de/en/product_security/len-30041	Trust: 1.8
url:	https://www.kb.cert.org/vuls/id/257161	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0594	Trust: 1.4
url:	cve-2020-0594	Trust: 0.8
url:	cve-2020-0595	Trust: 0.8
url:	cve-2020-0597	Trust: 0.8
url:	cve-2020-11896	Trust: 0.8
url:	cve-2020-11897	Trust: 0.8
url:	cve-2020-11898	Trust: 0.8
url:	cve-2020-11899	Trust: 0.8
url:	cve-2020-11900	Trust: 0.8
url:	cve-2020-11901	Trust: 0.8
url:	cve-2020-11902	Trust: 0.8
url:	cve-2020-11903	Trust: 0.8
url:	cve-2020-11904	Trust: 0.8
url:	cve-2020-11905	Trust: 0.8
url:	cve-2020-11906	Trust: 0.8
url:	cve-2020-11907	Trust: 0.8
url:	cve-2020-11908	Trust: 0.8
url:	cve-2020-11909	Trust: 0.8
url:	cve-2020-11910	Trust: 0.8
url:	cve-2020-11911	Trust: 0.8
url:	cve-2020-11912	Trust: 0.8
url:	cve-2020-11913	Trust: 0.8
url:	cve-2020-11914	Trust: 0.8
url:	cve-2020-8674	Trust: 0.8
url:	vince json	Trust: 0.8
url:	csaf	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-0594	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu98979613/	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2020.1991/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1991.2/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/intel-csme-sps-txe-amt-ism-dal-multiple-vulnerabilities-32545	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-30041	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/183155	Trust: 0.1
url:	https://threatpost.com/critical-intel-active-management-technology-flaw-allows-privilege-escalation/159036/	Trust: 0.1

sources: CERT/CC: VU#257161 // VULHUB: VHN-162028 // VULMON: CVE-2020-0594 // JVNDB: JVNDB-2020-006816 // CNNVD: CNNVD-202006-795 // NVD: CVE-2020-0594

CREDITS

This document was written by Vijay Sarvepalli.

Trust: 0.8

sources: CERT/CC: VU#257161

SOURCES

db:	CERT/CC	id:	VU#257161
db:	VULHUB	id:	VHN-162028
db:	VULMON	id:	CVE-2020-0594
db:	JVNDB	id:	JVNDB-2020-006816
db:	CNNVD	id:	CNNVD-202006-795
db:	NVD	id:	CVE-2020-0594

LAST UPDATE DATE

2024-11-23T19:33:05.965000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#257161	date:	2022-09-20T00:00:00
db:	VULHUB	id:	VHN-162028	date:	2021-03-18T00:00:00
db:	VULMON	id:	CVE-2020-0594	date:	2021-03-18T00:00:00
db:	JVNDB	id:	JVNDB-2020-006816	date:	2020-07-20T00:00:00
db:	CNNVD	id:	CNNVD-202006-795	date:	2021-05-24T00:00:00
db:	NVD	id:	CVE-2020-0594	date:	2024-11-21T04:53:49.270

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#257161	date:	2020-06-16T00:00:00
db:	VULHUB	id:	VHN-162028	date:	2020-06-15T00:00:00
db:	VULMON	id:	CVE-2020-0594	date:	2020-06-15T00:00:00
db:	JVNDB	id:	JVNDB-2020-006816	date:	2020-07-20T00:00:00
db:	CNNVD	id:	CNNVD-202006-795	date:	2020-06-09T00:00:00
db:	NVD	id:	CVE-2020-0594	date:	2020-06-15T14:15:11.457