Lucene search
HistoryNov 14, 2023 - 7:15 p.m.
CVE-2023-28397
cve-2023-28397
intel
aptio
uefi
firmware
access control
privilege escalation
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Improper access control in some Intelยฎ Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.
Affected configurations
Node
intelaptio_v_uefi_firmware_integrator_toolsMatch5.27.03.0003
microsoftwindowsMatch-
Node
intelaptio_v_uefi_firmware_integrator_toolsMatch5.27.06.0017
linuxlinux_kernelMatch-
CNA Affected
[
{
"vendor": "n/a",
"product": "Intel(R) Aptio* V UEFI Firmware Integrator Tools",
"versions": [
{
"version": "See references",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2023-28397
2023-11-14 19:15:22
cvelist
cvelist
CVE-2023-28397
2023-11-14 19:04:42
prion
prion
Improper access control
2023-11-14 19:15:00
intel
intel
Intelยฎ NUC Software Advisory
2023-11-14 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2023-28397