Improper Access Control in Intel Aptio UEFI Firmware Integrator Tools
CVE-2022-36374

6.7MEDIUM

Key Information:

Vendor
Intel
Vendor
CVE Published:
14 November 2023

Summary

The Intel Aptio V UEFI Firmware Integrator Tools prior to version iDmi Windows 5.27.03.0003 contain an improper access control vulnerability. This may permit a privileged user to exploit local access to enable escalation of privileges, potentially compromising system integrity. Users of affected versions are urged to update to the latest version to mitigate this risk.

Affected Version(s)

Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.