Intel Server Firmware Update Utility 代码问题漏洞

Intel Server Firmware Update Utility is a command-line tool developed by Intel Corporation. Versions of Intel Server Firmware Update Utility prior to 16.0.12 contained a code vulnerability caused by an uncontrolled search path, which could lead to privilege escalation...

Intel® Server Firmware Update Utility Software Advisory 

Summary: A potential security vulnerability in some Intel® Server Firmware Update Utility Software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35969 Description: Uncontrolled search path fo...

CVE-2025-25210

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This...

CVE-2025-22453

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This...

CVE-2025-22453

Improper input validation for some Server Firmware Update UtilitySysFwUpdt before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This...

CVE-2025-22453

Summary: CVE-2025-22453 relates to improper input validation in Intel’s Server Firmware Update Utility (SysFwUpdt) prior to version 16.0.12. The vulnerability could allow a local attacker with privileged user access (high privileges, local attack vector, no user interaction) to escalate privilege...

Intel® Server Firmware Update Utility Software Advisory

Summary: Potential security vulnerabilities for some Intel® Server Firmware Update Utility software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-25210 Description: Improper input validati...

PT-2026-7285

Name of the Vulnerable Software and Affected Versions Server Firmware Update UtilitySysFwUpdt versions prior to 16.0.12 Description A flaw exists in the input validation process of the Server Firmware Update UtilitySysFwUpdt within Ring 3: User Applications. This issue could allow a system softwa...

CVE-2025-24918

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...