PT-2026-7285 · Unknown · Server Firmware Update Utility
Published
2026-02-10
·
Updated
2026-02-10
·
CVE-2025-22453
CVSS v3.1
7.5
High
| Vector | AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Server Firmware Update Utility(SysFwUpdt) versions prior to 16.0.12
Description
A flaw exists in the input validation process of the Server Firmware Update Utility(SysFwUpdt) within Ring 3: User Applications. This issue could allow a system software adversary with a privileged user account and a high complexity attack to achieve local code execution. The potential impact includes high confidentiality, integrity, and availability risks to the vulnerable system. The issue requires local access and does not require user interaction.
Recommendations
Update Server Firmware Update Utility(SysFwUpdt) to version 16.0.12 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Server Firmware Update Utility