Analysis Summary

CVE-2024-26021 CVSS:2.3

Intel AMT and Intel Standard Manageability could allow a local authenticated attacker to obtain sensitive information, caused by improper initialization in the firmware.

CVE-2024-30211 CVSS:6

Intel ME driver pack installer engines could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper access control.

Impact

• Information Disclosure
• Privilege Escalation

Indicators of Compromise

CVE

• CVE-2024-26021

• CVE-2024-30211

Affected Vendors

Affected Products

• Intel AMT and Intel Standard Manageability
• Intel(R) ME driver pack installer engines

Remediation

Upgrade to the latest version, available from the Intel Website.

Intel Website