Privilege Escalation Vulnerability in Intel Xeon Processor Firmware
CVE-2025-20053

7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Xeon(r) Processor Firmware With Sgx Enabled
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-20053?

This vulnerability arises from improper buffer restrictions in the firmware of certain Intel Xeon processors that have Software Guard Extensions (SGX) enabled. It potentially allows a privileged user with local access to exploit the weakness and escalate their privileges within the system. This could lead to unauthorized access and control over sensitive resources and data within the environment.

Affected Version(s)

Intel(R) Xeon(R) Processor firmware with SGX enabled See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jan 16, 2025