CVE-2022-27497

Null pointer dereference in firmware for Intel(R) AMT before version 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow an unauthenticated user to potentially enable denial of service via network access.

Published: Nov 11, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-27497
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
intel / active_management_technology_firmware	-	11.8.93
intel / active_management_technology_firmware	11.22.0	11.22.93
intel / active_management_technology_firmware	11.12.0	11.12.93
intel / active_management_technology_firmware	12.0	12.0.92
intel / active_management_technology_firmware	14.1	14.1.67
intel / active_management_technology_firmware	15.0	15.0.42
intel / active_management_technology_firmware	16.1.0	16.1.25

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html

Vulnerability Database

289,599

CVE-2022-27497