CVE-2023-22310

CWE-421 CWE-362 — Race Condition3 documents3 sources

Severity

4.7MEDIUM

EPSS

0.0%

top 87.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Aptio V Uefi Firmware Integrator Tools

Timeline

PublishedNov 14

Description

Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5intel(r)_aptio*_v_uefi_firmware_integrator_toolsSee references

▶NVDintel/aptio_v_uefi_firmware_integrator_tools5.27.03.0003, 5.27.06.0017+1

🔴Vulnerability Details

GHSA

GHSA-9wxq-3vm5-2pg9: Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via lo↗2023-11-14

▶

CVEList

CVE-2023-22310: Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via lo↗2023-11-14

▶