Race Condition in Intel Converged Security and Management Engine Vulnerability
CVE-2025-20037
6.8MEDIUM
Key Information:
- Vendor
Intel
- Vendor
- CVE Published:
- 12 August 2025
What is CVE-2025-20037?
This vulnerability involves a time-of-check time-of-use race condition in the firmware for certain versions of Intel's Converged Security and Management Engine. It allows a privileged user to potentially escalate their privileges via local access, posing risks to system integrity and security. It is essential for users and administrators of affected products to apply the necessary updates and mitigations provided by Intel to safeguard against potential exploitations.
Affected Version(s)
Intel(R) Converged Security and Management Engine See references