Privilege Escalation Vulnerability in Intel Xeon Processor Firmware
CVE-2025-20053

7HIGH

Key Information:

Vendor

Intel
Status
Intel(r) Xeon(r) Processor Firmware With Sgx Enabled
Vendor
CVE Published:
12 August 2025

What is CVE-2025-20053?

This vulnerability arises from improper buffer restrictions in the firmware of certain Intel Xeon processors that have Software Guard Extensions (SGX) enabled. It potentially allows a privileged user with local access to exploit the weakness and escalate their privileges within the system. This could lead to unauthorized access and control over sensitive resources and data within the environment.

Affected Version(s)

Intel(R) Xeon(R) Processor firmware with SGX enabled See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-20053 : Privilege Escalation Vulnerability in Intel Xeon Processor Firmware