Escalation of Privilege Vulnerability in UEFI Firmware for Intel Reference Platforms
CVE-2025-20096
Key Information:
- Vendor: Intel
- CVE Published: 10 March 2026
What is CVE-2025-20096?
A flaw in the UEFI firmware for certain Intel Reference Platforms permits escalation of privilege due to improper input validation. This vulnerability could allow a system software adversary with access to a privileged user account to execute a complex attack, enabling potential data manipulation on the system. Although local access and user interaction are required to exploit this vulnerability, the risks include significant impacts on the integrity and availability of the affected systems. Organizations utilizing these platforms should assess their exposure and implement recommended security measures as per Intel's advisory.
Affected Version(s)
Intel Reference Platforms may allow an escalation of privilege. A system software adversary with a privileged user, combined with a high-complexity attack, may enable data manipulation. This result may potentially occur via local access when attack requirements are present without special internal knowledge, and it requires active user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts. See references.