PT-2026-7290 · Unknown · Server Firmware Update Utility
Published
2026-02-10
·
Updated
2026-02-10
·
CVE-2025-25210
CVSS v3.1
8.2
High
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Server Firmware Update Utility (SysFwUpdt) versions prior to 16.0.12
Description
A flaw exists in the input validation process of the Server Firmware Update Utility (SysFwUpdt) within Ring 3: User Applications. This issue may allow a system software adversary with privileged user access to escalate privileges with low complexity. The issue can be exploited via local access without requiring special internal knowledge or user interaction. The potential impact to the system includes confidentiality, integrity, and availability.
Recommendations
Update Server Firmware Update Utility (SysFwUpdt) to version 16.0.12 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Server Firmware Update Utility