PT-2026-24496 · Intel · Intel(R) Reference Platforms Uefi Firmware
Published
2026-03-10
·
Updated
2026-03-10
·
CVE-2025-20105
CVSS v4.0
8.7
High
| Vector | AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Intel(R) reference platforms UEFI firmware (affected versions not specified)
Description
A flaw exists in some UEFI firmware SMM modules that involves improper input validation. This could allow a system software adversary with privileged user access and a low complexity attack to achieve local code execution. The issue may impact the confidentiality, integrity, and availability of the system. The potential impact to confidentiality, integrity, and availability is considered high.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
LPE
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Intel(R) Reference Platforms Uefi Firmware