Improper Access Control Vulnerability in Intel Xeon Processors
CVE-2025-20100

8.7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Xeon(r) 6 Processor With E-cores
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-20100?

This vulnerability pertains to improper access control within the memory controller configurations of targeted Intel Xeon 6 processors equipped with E-cores. It has been identified that a privileged user with local access could exploit this flaw to potentially escalate their privileges, leading to unauthorized actions or access to restricted system functions. Ensuring proper configuration and regular updates is essential to mitigate this risk.

Affected Version(s)

Intel(R) Xeon(R) 6 processor with E-cores See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Oct 11, 2024