Uncontrolled Resource Consumption in Intel UEFI Firmware Integrator Tools
CVE-2023-25949

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Aptio* V Uefi Firmware Integrator Tools
Vendor: CVE Published:; 14 November 2023

What is CVE-2023-25949?

Certain versions of Intel Aptio V UEFI Firmware Integrator Tools are susceptible to a vulnerability that allows an authenticated user to consume system resources uncontrollably. This can potentially lead to a denial of service condition through local access, affecting the availability and performance of the firmware. Ensuring that necessary security measures are in place and applying the latest updates from the vendor is critical in mitigating this risk.

Affected Version(s)

Intel(R) Aptio* V UEFI Firmware Integrator Tools See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2023
Vulnerability Reserved
Mar 29, 2023