CVE-2025-32008
Intel · AMT and Standard Manageability
An out-of-bounds write in the firmware for Intel AMT and Standard Manageability within Ring 3 user applications may allow an attacker to cause a denial of service.
Executive summary
Intel AMT and Standard Manageability firmware is vulnerable to an out-of-bounds write that could allow an attacker to trigger a denial of service (DoS) condition.
Vulnerability
An out-of-bounds write exists in the firmware components operating within Ring 3 (User Applications). This flaw can be triggered to corrupt memory, leading to a system crash or a persistent denial-of-service state.
Business impact
A CVSS score of 8.6 indicates a high severity level. While the primary impact is identified as a denial of service, the disruption of manageability features can hinder remote recovery and system maintenance. In enterprise environments, widespread DoS could lead to significant operational downtime and loss of productivity.
Remediation
Immediate Action: Apply the firmware updates provided by your system manufacturer (OEM) to patch the Intel AMT and Standard Manageability components.
Proactive Monitoring: Monitor system stability and check for unexpected reboots or failures in remote management capabilities.
Compensating Controls: If updates cannot be applied immediately, consider disabling Intel AMT/Standard Manageability features if they are not required for business operations.
Exploitation status
Public Exploit Available: false
Analyst recommendation
We recommend that administrators coordinate with their hardware vendors to obtain and deploy the latest BIOS/firmware updates. Given the high CVSS score, the potential for service disruption is significant, and patching should be scheduled during the next available maintenance window.