Insufficient Control Flow Management in Intel Xeon 6 Processor Firmware
CVE-2025-20004

8.5HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Xeon(r) 6 Processor E-cores Firmware
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-20004?

An insufficient control flow management vulnerability in the Alias Checking Trusted Module of Intel(R) Xeon(R) 6 processor E-Cores firmware has the potential to enable local privilege escalation for a privileged user. This weakness allows for unauthorized access and manipulation within the firmware, presenting a serious risk to impacted systems. It is crucial for organizations utilizing affected Intel products to evaluate their security posture and apply necessary patches to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Intel(R) Xeon(R) 6 processor E-Cores firmware See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Oct 11, 2024

JSON

Intel

What is CVE-2025-20004?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.