PT-2025-46408 · Intel · Intel One Boot Flash Update
Published
2025-11-11
·
Updated
2025-11-11
·
CVE-2025-27711
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel(R) One Boot Flash Update (Intel(R) OFU) versions prior to 14.1.31
Description
The software has default permissions that may allow a privilege escalation. An unprivileged software adversary with an authenticated user and a complex attack may enable privilege escalation via local access, requiring user interaction. The potential issue may impact the confidentiality, integrity, and availability of the system.
Recommendations
Update to version 14.1.31 or later.
Fix
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel One Boot Flash Update