CVE-2025-27708

Name of the Vulnerable Software and Affected Versions Intel(R) Converged Security and Management Engine (CSME) Firmware (FW) (affected versions not specified)

Description An out-of-bounds read issue exists in the firmware within Ring 0: Kernel, potentially allowing information disclosure. A system software adversary with privileged user access and a low complexity attack may enable data exposure. This may occur via local access without requiring special internal knowledge or user interaction. The issue may impact the confidentiality of the vulnerable system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.