Improper Locking Vulnerability in Intel Core Ultra Processors
CVE-2025-20047

5.3MEDIUM

Key Information:

Vendor

Intel

Vendor
CVE Published:
13 May 2025

What is CVE-2025-20047?

The vulnerability pertains to improper locking within the Intel Integrated Connectivity I/O interface (CNVi) found in certain Intel Core Ultra Processors. This issue may allow unauthorized access, enabling an unauthenticated user with physical access to escalate privileges. This poses significant security concerns, especially in environments where physical security cannot be guaranteed. The potential exploitation of this flaw underscores the importance of safeguarding hardware against unauthorized access.

Affected Version(s)

Intel(R) Coreā„¢ Ultra Processors See references

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Physical
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-20047 : Improper Locking Vulnerability in Intel Core Ultra Processors