Potential Privileged User Enabled Denial of Service Vulnerability in UEFI Firmware
CVE-2023-25546

2.5LOW

Key Information:

Vendor: Intel
Status: Uefi Firmware For Some Intel(r) Processors
Vendor: CVE Published:; 16 September 2024

What is CVE-2023-25546?

An out-of-bounds read vulnerability exists in the UEFI firmware for specific Intel(R) processors. This flaw can potentially be exploited by a privileged user with local access, enabling them to cause a denial of service condition. Affected users and organizations should apply security patches and mitigations described in the Intel security advisory to protect their systems against potential exploits.

Affected Version(s)

UEFI firmware for some Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

2.5

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024
Vulnerability Reserved
Feb 17, 2023