Information Disclosure Vulnerability in Intel Reference Platforms' UEFI Module
CVE-2025-22444
Key Information:
- Vendor
Intel
- Vendor
- CVE Published:
- 10 March 2026
What is CVE-2025-22444?
A vulnerability has been identified in the UEFI PdaSmm module of specific Intel reference platforms, which may expose sensitive resources under certain conditions. This exposure could lead to information disclosure for a malicious actor with privileged access. The attack is complex but may not require special internal knowledge or user interaction, making this vulnerability particularly concerning. While integrity and availability are not impacted, the risk to system confidentiality means that appropriate security measures should be considered to protect against potential data exposure.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Intel(R) reference platforms may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. See references
References
CVSS V4
Timeline
Vulnerability published
Vulnerability Reserved