PT-2026-7314 · Intel · System Firmware Update Utility
Published
2026-02-10
·
Updated
2026-02-10
·
CVE-2025-35999
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Intel System Firmware Update Utility (SysFwUpdt) versions prior to 16.0.12
Description
A misconfiguration in permission assignments for critical resources within the System Firmware Update Utility (SysFwUpdt) for Intel server boards and systems may allow a privilege escalation. A local attacker with privileged user access and a low complexity attack may exploit this issue. The potential impact to the system includes confidentiality, integrity, and availability. The vulnerability requires passive user interaction to be exploited.
Recommendations
Update to System Firmware Update Utility (SysFwUpdt) version 16.0.12 or later.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
System Firmware Update Utility