First published: Tue Nov 14 2023(Updated: )
Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access.
|Affected Software||Affected Version||How to fix|
|Intel Aptio V Uefi Firmware Integrator Tools||=5.27.03.0003|
|Intel Aptio V Uefi Firmware Integrator Tools||=5.27.06.0017|
|Linux Linux kernel|
CVE-2023-28397 is a vulnerability that involves improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools, potentially allowing an authenticated user to escalate privileges via local access.
CVE-2023-28397 has a severity rating of 7.8 (high).
CVE-2023-28397 affects Intel Aptio V UEFI Firmware Integrator Tools versions 5.27.03.0003 and 5.27.06.0017.
No, Microsoft Windows is not affected by CVE-2023-28397.
No, Linux Linux kernel is not affected by CVE-2023-28397.
To exploit CVE-2023-28397, an authenticated user would need local access to potentially enable the escalation of privileges.
You can find more information about CVE-2023-28397 at the following link: [Intel Security Center Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00908.html)
CVE-2023-28397 is associated with CWE-284 (Improper Access Control).