Intel Aptio V Uefi Firmware Integrator Tools vulnerabilities

CVE-2024-26022 [HIGH] CWE-284 CVE-2024-26022: Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-28737 [HIGH] CWE-665 CVE-2023-28737: Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authen Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-28397 [HIGH] CWE-284 CVE-2023-28397: Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authen Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.

CVE-2023-22305 [MEDIUM] CWE-680 CVE-2023-22305: Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.

CVE-2023-22310 [MEDIUM] CWE-421 CVE-2023-22310: Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated u Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.

CVE-2023-28723 [LOW] CWE-200 CVE-2023-28723: Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware I Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-36396 [HIGH] CWE-284 CVE-2022-36396: Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2023-26589 [MEDIUM] CWE-416 CVE-2023-26589: Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access.

CVE-2023-25949 [MEDIUM] CWE-400 CVE-2023-25949: Uncontrolled resource consumption in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow Uncontrolled resource consumption in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.

CVE-2022-36374 [HIGH] CWE-284 CVE-2022-36374: Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local access.