Predictable Seed Vulnerability in Intel TDX Firmware
CVE-2025-20613

2LOW

Key Information:

Vendor: Intel
Status: Intel(r) Tdx
Vendor: CVE Published:; 12 August 2025

What is CVE-2025-20613?

A vulnerability exists in the firmware for Intel TDX, where a predictable seed in the Pseudo-Random Number Generator (PRNG) can enable an authenticated user to potentially access sensitive information via local access. This flaw highlights the importance of robust random number generation techniques in maintaining data confidentiality and integrity.

Affected Version(s)

Intel(R) TDX See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2025
Vulnerability Reserved
Jan 8, 2025