PT-2025-6630 · Intel+6 · Intel Processors+6

Eason

Published

2025-02-11

Updated

2025-12-03

CVE-2024-28047

CVSS v4.0

6.8

Medium

Vector

AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Name of the Vulnerable Software and Affected Versions Intel(R) Processors (affected versions not specified)

Description The issue concerns improper input validation in the UEFI firmware for some Intel(R) Processors. This may allow a privileged user to potentially enable information disclosure via local access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2025:7043

ALT-PU-2025-14707

ALT-PU-2025-15105

BDU:2025-02100

CVE-2024-28047

DLA-4095-1

INFSA-2025_7043

OESA-2025-1171

RHSA-2025:7043

RHSA-2025_7043

Affected Products

Alt Linux

Almalinux

Astra Linux

Debian

Intel Processors

Red Hat

Rocky Linux

PT-2025-6630 · Intel+6 · Intel Processors+6

CVE-2024-28047

Weakness Enumeration

Related Identifiers

Affected Products

References · 46