35 matches found
Intel UEFI Reference Firmware March 2026 Security Update
Intel has informed HP of a potential security vulnerability in UEFI for some Intel Reference Platforms, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP h...
CVE-2025-20073
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-20096
Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when...
2025.3 IPU, UEFI Reference Firmware Advisory
Summary: Potential security vulnerabilities in UEFI for some Intel® reference platforms may allow escalation of privilege or information disclosure. Intel is releasing UEFI firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-20105 Description:...
EUVD-2025-208551
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
EUVD-2025-208548
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
EUVD-2025-208555
Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
EUVD-2025-208546
Time-of-check time-of-use race condition in the WheaERST SMM module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occ...
CVE-2025-22850
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-20073
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-22850
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-22850
Time-of-check time-of-use race condition in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-22444
Exposure of resource to wrong sphere in the UEFI PdaSmm module for some IntelR reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-22444
CVE-2025-22444 affects the UEFI PdaSmm module on certain Intel reference platforms. The flaw is described as Exposure of resource to wrong sphere, enabling information disclosure. A system software adversary with privileged user access and a high-complexity, local attack could potentially cause d...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
The CVE-2025-20105 issue concerns improper input validation in certain UEFI firmware SMM modules on Intel reference platforms, enabling local privilege escalation and potential local code execution with a privileged user and low attack complexity (no user interaction required). Affected component...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20073
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...
CVE-2025-20073
CVE-2025-20073 describes an information disclosure vulnerability in the UEFI DXE module for some Intel reference platforms. The issue is caused by improper buffer restrictions, which could allow a local privilege user with high complexity to cause data exposure without user interaction. Impact is...
CVE-2025-20073
Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...