PT-2026-40076

Uncontrolled search path for some IntelR Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

CVE-2025-22453

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This...

CVE-2025-35999

Incorrect permission assignment for critical resource for some System Firmware Update Utility SysFwUpdt for IntelR Server Boards and IntelR Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileg...

CVE-2025-35999

The CVE-2025-35999 entry concerns Intel System Firmware Update Utility (SysFwUpdt) on Intel Server Boards/Server Systems, affected before version 16.0.12. Affected component: SysFwUpdt; root cause: incorrect permission assignment for a critical resource in Ring 3. This enables a local attacker wi...

CVE-2025-25210

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This...

CVE-2025-25210

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This...

Intel® Server Firmware Update Utility Software Advisory

Summary: Potential security vulnerabilities for some Intel® Server Firmware Update Utility software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-25210 Description: Improper input validati...

Intel® Server Board and Intel® Server System Firmware Update Utility Advisory

Summary: A potential security vulnerability in the Intel® Server System Firmware Update Utility for some Intel® Server Board may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35999 Description:...

CVE-2024-2209

A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility FUU bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution...

CVE-2025-24918

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...

Intel® Server Configuration Utility Software Advisory

Summary: A potential security vulnerability in some Intel® Server Configuration Utility software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24918 Description: Improper link resolution befo...

PT-2025-46399

Name of the Vulnerable Software and Affected Versions IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software versions prior to 16.0.12 Description A flaw exists in link resolution before file access 'link following' within Ring 3: User Applications,...

EUVD-2023-26952

Malicious code in bioql PyPI...

CVE-2024-2209

A user with administrative privileges can create a compromised dll file of the same name as the original dll within the HP printer’s Firmware Update Utility FUU bundle and place it in the Microsoft Windows default downloads directory which can lead to potential arbitrary code execution...

CVE-2024-2209

HP DeskJet printers are affected by CVE-2024-2209 in the Printer Firmware Update Utility (FUU) bundle. A user with administrative privileges can replace the original DLL in the FUU bundle with a malicious DLL of the same name and place it in the Windows default downloads directory, potentially ca...

HP DeskJet 安全漏洞

HP DeskJet is a family of printers from Hewlett-Packard HP in the United States. A security vulnerability exists in HP DeskJet that originates from a user with administrative privileges being able to create a corrupted dll file with the same name as the original dll in the HP Printer Firmware...

PT-2024-2665 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: HP Printer's Firmware Update Utility FUU bundle affected versions not specified Description: The issue is related to an uncontrolled search path element in the HP printer's Firmware Update Utility FUU bundle. A user with administrative...

CVE-2023-22841

Unquoted search path in the software installer for the System Firmware Update Utility SysFwUpdt for some IntelR Server Boards and IntelR Server Systems Based on IntelR 621A Chipset before version 16.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access...

PT-2023-18720 · Intel · System Firmware Update Utility

Name of the Vulnerable Software and Affected Versions: System Firmware Update Utility SysFwUpdt for some IntelR Server Boards and IntelR Server Systems Based on IntelR 621A Chipset versions prior to 16.0.7 Description: The issue is related to an unquoted search path in the software installer, whi...