CVE-2023-28723

CWE-200 — Information Exposure3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 73.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Aptio V Uefi Firmware Integrator Tools

Timeline

PublishedNov 14

Description

Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5intel(r)_aptio*_v_uefi_firmware_integrator_toolssome Intel(R) Aptio* V UEFI Firmware Integrator Tools

▶NVDintel/aptio_v_uefi_firmware_integrator_tools5.27.03.0003, 5.27.06.0017+1

🔴Vulnerability Details

GHSA

GHSA-f6cq-wc24-3mcw: Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to↗2023-11-14

▶

CVEList

CVE-2023-28723: Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to↗2023-11-14

▶