Improper Buffer Restrictions in UEFI Firmware for Intel Processors
CVE-2024-31155

8.7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Processors
Vendor: CVE Published:; 12 February 2025

Summary

Improper buffer restrictions in the UEFI firmware for certain Intel processors could potentially allow a locally authenticated user to escalate their privileges. This vulnerability highlights the critical need for monitoring and updating firmware to safeguard against local access attacks that may exploit these weaknesses.

Affected Version(s)

Intel(R) Processors See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
May 29, 2024