Privilege Escalation Vulnerability in TDX Module by Intel
CVE-2025-22885
Key Information:
- Vendor
Intel
- Vendor
- CVE Published:
- 10 February 2026
What is CVE-2025-22885?
An improper buffer restriction vulnerability in the firmware for Intel's TDX Module may allow attackers to escalate privileges. This vulnerability can be exploited by adversaries with privileged system access through complex attack vectors. Although exploiting this flaw may require specialized knowledge, it can lead to significant security risks if local access is achieved. The implications for system security include potential confidentiality impacts, highlighting the importance of securing systems that utilize this firmware.
Affected Version(s)
TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. See references