Uncontrolled Resource Consumption in Intel UEFI Firmware Integrator Tools
CVE-2023-25949

5.5MEDIUM

Key Information:

Vendor
Intel
Vendor
CVE Published:
14 November 2023

Summary

Certain versions of Intel Aptio V UEFI Firmware Integrator Tools are susceptible to a vulnerability that allows an authenticated user to consume system resources uncontrollably. This can potentially lead to a denial of service condition through local access, affecting the availability and performance of the firmware. Ensuring that necessary security measures are in place and applying the latest updates from the vendor is critical in mitigating this risk.

Affected Version(s)

Intel(R) Aptio* V UEFI Firmware Integrator Tools See references

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.