What is vulnerability CVE-2023-26589?

Vulnerability CVE-2023-26589 is a use after free vulnerability in some Intel(R) Aptio* V UEFI Firmware Integrator Tools.

How does vulnerability CVE-2023-26589 affect the Intel Aptio V UEFI Firmware Integrator Tools?

Vulnerability CVE-2023-26589 allows an authenticated user to potentially enable denial of service via local access.

Which version of Intel Aptio V UEFI Firmware Integrator Tools is affected by vulnerability CVE-2023-26589?

Vulnerability CVE-2023-26589 affects Intel Aptio V UEFI Firmware Integrator Tools version 5.27.03.0003 and 5.27.06.0017.

Is Microsoft Windows affected by vulnerability CVE-2023-26589?

No, Microsoft Windows is not affected by vulnerability CVE-2023-26589.

Is Linux Linux kernel affected by vulnerability CVE-2023-26589?

No, Linux Linux kernel is not affected by vulnerability CVE-2023-26589.

What is the severity of vulnerability CVE-2023-26589?

The severity of vulnerability CVE-2023-26589 is medium with a CVSS score of 6.5.

How can I fix vulnerability CVE-2023-26589?

To fix vulnerability CVE-2023-26589, it is recommended to update to the latest version of Intel Aptio V UEFI Firmware Integrator Tools.

Where can I find more information about vulnerability CVE-2023-26589?

More information about vulnerability CVE-2023-26589 can be found at the following link: [Intel Security Advisory INTEL-SA-00908](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html).

What is the CWE category of vulnerability CVE-2023-26589?

Vulnerability CVE-2023-26589 belongs to the CWE category 416: Use After Free.

Vulnerability/
CVE-2023-26589

medium

6.5

CWE

416

14/11/2023

30/8/2024

CVE-2023-26589: Use After Free

First published: Tue Nov 14 2023(Updated: )

Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access.

Credit: secure@intel.com

Affected Software	Affected Version	How to fix
Intel Aptio V Uefi Firmware Integrator Tools	=5.27.03.0003
Microsoft Windows
Intel Aptio V Uefi Firmware Integrator Tools	=5.27.06.0017
Linux Linux kernel

Never miss a vulnerability like this again

Reference Links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html

Frequently Asked Questions

What is vulnerability CVE-2023-26589?
Vulnerability CVE-2023-26589 is a use after free vulnerability in some Intel(R) Aptio* V UEFI Firmware Integrator Tools.
How does vulnerability CVE-2023-26589 affect the Intel Aptio V UEFI Firmware Integrator Tools?
Vulnerability CVE-2023-26589 allows an authenticated user to potentially enable denial of service via local access.
Which version of Intel Aptio V UEFI Firmware Integrator Tools is affected by vulnerability CVE-2023-26589?
Vulnerability CVE-2023-26589 affects Intel Aptio V UEFI Firmware Integrator Tools version 5.27.03.0003 and 5.27.06.0017.
Is Microsoft Windows affected by vulnerability CVE-2023-26589?
No, Microsoft Windows is not affected by vulnerability CVE-2023-26589.
Is Linux Linux kernel affected by vulnerability CVE-2023-26589?
No, Linux Linux kernel is not affected by vulnerability CVE-2023-26589.
What is the severity of vulnerability CVE-2023-26589?
The severity of vulnerability CVE-2023-26589 is medium with a CVSS score of 6.5.
How can I fix vulnerability CVE-2023-26589?
To fix vulnerability CVE-2023-26589, it is recommended to update to the latest version of Intel Aptio V UEFI Firmware Integrator Tools.
Where can I find more information about vulnerability CVE-2023-26589?
More information about vulnerability CVE-2023-26589 can be found at the following link: [Intel Security Advisory INTEL-SA-00908](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html).
What is the CWE category of vulnerability CVE-2023-26589?
Vulnerability CVE-2023-26589 belongs to the CWE category 416: Use After Free.

collector/nvd-api
agent/weakness
agent/references
agent/severity
agent/author
agent/type
agent/event
agent/description
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/intel
canonical/intel aptio v uefi firmware integrator tools
version/intel aptio v uefi firmware integrator tools/5.27.03.0003
vendor/microsoft
canonical/microsoft windows
version/intel aptio v uefi firmware integrator tools/5.27.06.0017
vendor/linux
canonical/linux linux kernel