Improper Access Control in Intel Aptio UEFI Firmware Integrator Tools
CVE-2022-36374
6.7MEDIUM
Key Information:
- Vendor
- Intel
- Vendor
- CVE Published:
- 14 November 2023
Summary
The Intel Aptio V UEFI Firmware Integrator Tools prior to version iDmi Windows 5.27.03.0003 contain an improper access control vulnerability. This may permit a privileged user to exploit local access to enable escalation of privileges, potentially compromising system integrity. Users of affected versions are urged to update to the latest version to mitigate this risk.
Affected Version(s)
Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved