CVE-2025-35991

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2026-20754

Improper conditions check in some firmware for some IntelR NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

Intel UEFI Reference Firmware March 2026 Security Update

Intel has informed HP of a potential security vulnerability in UEFI for some Intel Reference Platforms, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP h...

CVE-2025-35991

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-35969

Uncontrolled search path for some IntelR Server Firmware Update Utility Software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

EUVD-2025-208542

Improper buffer restrictions in some UEFI firmware for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access whe...

CVE-2025-20073

Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-20005

Improper buffer restrictions in some UEFI firmware for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access whe...

CVE-2025-20096

Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when...

PT-2026-24491

Improper buffer restrictions in some UEFI firmware for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access whe...

CVE-2025-32735

Improper conditions check in some firmware for some IntelR NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

2026.1 IPU, Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Converged Security and Management Engine Intel® CSME, some Intel® Active Management Technology Intel® AMT, and some Intel® Standard Manageability may allow denial of service or information disclosure. Intel is releasing firmware updates t...

CVE-2021-33083

Improper authentication in firmware for some IntelR SSD, IntelR OptaneTM SSD, IntelR OptaneTM SSD DC and IntelR SSD DC Products may allow an privileged user to potentially enable information disclosure via local access...

CVE-2021-0053

Improper initialization in firmware for some IntelR PROSet/Wireless WiFi and KillerTM WiFi in Windows 10 may allow an authenticated user to potentially enable information disclosure via adjacent access...

CVE-2021-0117

Pointer issues in the firmware for some IntelR Processors may allow a privileged user to potentially enable an escalation of privilege via local access...

CVE-2022-26074

Incomplete cleanup in a firmware subsystem for IntelR SPS before versions SPSE304.08.04.330.0 and SPSE304.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access...

CVE-2019-11182

Memory corruption in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...

CVE-2019-11173

Insufficient session validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access...

CVE-2019-11174

Insufficient access control in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access...

CVE-2020-12380

Out of bounds read in the BMC firmware for some IntelR Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access...