Lucene search
+L

112 matches found

euvd
euvd
added 2026/03/11 12:31 a.m.8 views

EUVD-2025-208554

Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS5.8AI score0.00127EPSS
Exploits0References2
nvd
nvd
added 2026/03/10 11:16 p.m.5 views

CVE-2025-20068

Improper input validation in the UEFI ImcErrorHandler module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

7.1CVSS0.00101EPSS
Exploits0References1
nvd
nvd
added 2026/03/10 11:16 p.m.7 views

CVE-2025-22444

Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

5.6CVSS0.00103EPSS
Exploits0References1
nvd
nvd
added 2026/03/10 11:16 p.m.15 views

CVE-2025-20027

Improper input validation in the UEFI WheaERST module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

7.1CVSS0.00102EPSS
Exploits0References1
cve
cve
added 2026/03/10 10:49 p.m.11 views

CVE-2025-22850

The CVE-2025-22850 issue is a Time-of-checkTime-of-use race in the UEFI PdaSmm module on certain Intel reference platforms that may allow information disclosure. A system software adversary with privileged user access and a high-complexity/local-attack could expose data without user interaction. ...

5.6CVSS5.7AI score0.00083EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/10 10:49 p.m.1 views

CVE-2025-22850

Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

5.6CVSS5.7AI score0.00083EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/10 10:49 p.m.24 views

CVE-2025-22444

Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

5.6CVSS0.00103EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/10 10:49 p.m.4 views

CVE-2025-22444

Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

5.6CVSS5.7AI score0.00103EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/10 10:49 p.m.6 views

CVE-2025-20105

Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS5.8AI score0.00127EPSS
Exploits0References2
cve
cve
added 2026/03/10 10:49 p.m.10 views

CVE-2025-20068

CVE-2025-20068 describes improper input validation in the UEFI ImcErrorHandler module on some Intel reference platforms that may allow escalation of privilege via a local, high-complexity attack by a privileged user, with no user interaction. The vulnerability has high impact across confidentiali...

7.1CVSS5.7AI score0.00101EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/10 10:49 p.m.2 views

CVE-2025-20068

Improper input validation in the UEFI ImcErrorHandler module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

7.1CVSS5.7AI score0.00101EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/10 10:49 p.m.24 views

CVE-2025-20064

Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS0.00115EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/10 10:49 p.m.3 views

CVE-2025-20064

Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS5.8AI score0.00115EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/03/10 10:49 p.m.2 views

CVE-2025-20064

Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS5.8AI score0.00115EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/10 10:49 p.m.25 views

CVE-2025-20028

Time-of-check time-of-use race condition in the WheaERST SMM module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occ...

7.1CVSS0.00076EPSS
Exploits0References1
cve
cve
added 2026/03/10 10:49 p.m.11 views

CVE-2025-20028

CVE-2025-20028 is a TOCTOU race condition in the WheaERST SMM module on some Intel reference platforms that may allow local privilege escalation by a privileged attacker with high attack complexity and no user interaction. Affected software is Intel UEFI/SMM components on various Intel reference ...

7.1CVSS5.7AI score0.00076EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/10 10:49 p.m.7 views

CVE-2025-20028

Time-of-check time-of-use race condition in the WheaERST SMM module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occ...

7.1CVSS5.7AI score0.00076EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/03/10 10:49 p.m.3 views

CVE-2025-20028

Time-of-check time-of-use race condition in the WheaERST SMM module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occ...

7.1CVSS5.7AI score0.00076EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/10 10:49 p.m.4 views

CVE-2025-20027

Improper input validation in the UEFI WheaERST module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

7.1CVSS5.7AI score0.00102EPSS
Exploits0References1
cve
cve
added 2026/03/10 10:49 p.m.43 views

CVE-2025-20027

CVE-2025-20027: Improper input validation in the UEFI WheaERST module on Intel reference platforms can allow local privilege escalation by a privileged user with high complexity. Affected items are Intel UEFI firmware components; exploitation requires local access and no user interaction. The CVS...

7.1CVSS5.7AI score0.00102EPSS
Exploits0References1
Rows per page
Query Builder