Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-26022

Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access.

Published

2024-08-14T14:15:23.753

Last Modified

2024-09-06T20:16:27.330

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-284
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	intel	aptio_v_uefi_firmware_integrator_tools	< 5.05.04.0008	Yes
Application	intel	aptio_v_uefi_firmware_integrator_tools	< 5.05.04.0008	Yes
Application	intel	aptio_v_uefi_firmware_integrator_tools	< 5.13.00.2106	Yes
Application	intel	aptio_v_uefi_firmware_integrator_tools	< 5.13.00.2109	Yes
Application	intel	aptio_v_uefi_firmware_integrator_tools	< 5.27.06.0019	Yes

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01172.html Vendor Advisory ([email protected])