Intel Manageability Commander is a lightweight console that is used to connect and utilize the features of Intel Active Management Technology (AMT). By leveraging AMT capabilities, the software provides discovery, keyboard-video-mouse (KVM) control, power control, and other remote management features for PCs. The software helps in improving service desk efficiency, enables faster device discovery, and eases configuration of platforms with Intel vPro technology.

Intel Manageability Commander

Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2022-29887	CRITICAL	9.6	Intel Manageability Commander	cpe:2.3:a:intel:manageability_commander	No	Yes	Aug 11, 2023
CVE-2022-26341	HIGH	8.8	Intel Manageability Commander	cpe:2.3:a:intel:manageability_commander	No	Yes	Nov 11, 2022
CVE-2021-0126	HIGH	8	Intel Manageability Commander	cpe:2.3:a:intel:manageability_commander	No	Yes	May 12, 2022
CVE-2022-41610	MEDIUM	5.5	Intel Manageability Commander	cpe:2.3:a:intel:manageability_commander	No	Yes	May 10, 2023

CVE-2021-0126:
Intel Manageability Commander vulnerability analysis and mitigation

Overview

Technical details

Mitigation and workarounds

Additional resources

8

Related Intel Manageability Commander vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2021-0126: Intel Manageability Commander vulnerability analysis and mitigation