Potential Privileged User Enabled Denial of Service Vulnerability in UEFI Firmware
CVE-2023-25546

1.8LOW

Key Information:

Vendor: Intel
Status: Uefi Firmware For Some Intel(r) Processors
Vendor: CVE Published:; 16 September 2024

What is CVE-2023-25546?

An out-of-bounds read vulnerability exists in the UEFI firmware for specific Intel(R) processors. This flaw can potentially be exploited by a privileged user with local access, enabling them to cause a denial of service condition. Affected users and organizations should apply security patches and mitigations described in the Intel security advisory to protect their systems against potential exploits.

Affected Version(s)

UEFI firmware for some Intel(R) Processors See references

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V4

Score:

1.8

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2024
Vulnerability Reserved
Feb 17, 2023

JSON