PT-2025-46400 · Intel · Intel One Boot Flash Update+1
Published
2025-11-11
·
Updated
2025-11-11
·
CVE-2025-25059
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) One Boot Flash Update (Intel(R) OFU) versions prior to 14.1.31
Description
An uncontrolled search path issue exists in some Intel(R) One Boot Flash Update (Intel(R) OFU) software. This issue, present within Ring 3: User Applications, may allow an escalation of privilege. A local, unprivileged software adversary with an authenticated user and a high complexity attack may be able to escalate privileges. Active user interaction is required for a potential attack. The issue may impact the confidentiality, integrity, and availability of the vulnerable system.
Recommendations
Update Intel(R) One Boot Flash Update (Intel(R) OFU) to version 14.1.31 or later.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel Ofu
Intel One Boot Flash Update