PT-2025-21077 · Intel+1 · Intel Server D50Dnp+2
Published
2025-05-13
·
Updated
2025-05-14
·
CVE-2025-20034
CVSS v3.1
5.3
Medium
| Vector | AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Intel(R) Server D50DNP and M50FCP boards versions prior to R01.02.0003
Description:
The issue is related to improper input validation in the SmiVariable driver of the UEFI firmware BackupBiosUpdate. This may allow a privileged user to potentially enable information disclosure via local access.
Recommendations:
For versions prior to R01.02.0003, update to version R01.02.0003 or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Server D50Dnp
Intel Server M50Fcp
Uefi Firmware